
Cloud Vulnerability DB
A community-led vulnerabilities database
MindsDB, software that connects artificial intelligence models to real-time data, was found to contain a server-side request forgery (SSRF) vulnerability in versions prior to 23.11.4.1. The vulnerability, identified as CVE-2023-49795, was discovered in the file.py component and could lead to limited information disclosure (NVD, GitHub Advisory).
The vulnerability exists in the put method within mindsdb/mindsdb/api/http/namespaces/file.py, where the user-controlled URL in the source variable is not validated before being used to issue arbitrary requests. The issue was identified using the SSRF CodeQL query for Python. The vulnerability has been assigned a CVSS v3.1 base score of 5.3 (MEDIUM) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N (GitHub Lab).
The SSRF vulnerability allows arbitrary network requests to be forged from the MindsDB server. It can be exploited to scan nodes on internal networks for open ports that may not be reachable externally, and to probe for existing files on the internal network. Files with csv, xls, xlsx, json or parquet extensions can be retrieved and become viewable in the MindsDB GUI; for any other existing file, it behaves as a blind SSRF (GitHub Lab).
Users are advised to upgrade to MindsDB version 23.11.4.1 or use the staging branch, which contains the fix for this vulnerability. The fix adds proper URL validation and security checks (NVD, GitHub Advisory).
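The following is an added example of the kind of URL validation that closes this class of SSRF in a file-download endpoint; it is not MindsDB's own fix and makes no claim about what the project implemented. It assumes a helper named validate_source_url is called on the user-supplied source URL before any request is made, and it injects a constructed fake resolver so it runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}

def is_public_address(ip_str):
    """True only for globally routable addresses; loopback, RFC 1918,
    link-local, multicast, reserved and unspecified addresses are rejected."""
    ip = ipaddress.ip_address(ip_str)
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)

def validate_source_url(url, resolver=socket.getaddrinfo):
    """Return (ok, reason). `resolver` defaults to real DNS and is injectable
    so the guard can be exercised without network access (hypothetical helper)."""
    parsed = urlparse(url)
    if parsed.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parsed.scheme!r} not allowed"
    host = parsed.hostname
    if not host:
        return False, "missing host"
    if parsed.username or parsed.password:
        return False, "credentials in URL not allowed"
    try:
        addresses = {str(ipaddress.ip_address(host))}  # literal IP: no DNS lookup needed
    except ValueError:
        try:
            infos = resolver(host, parsed.port or (443 if parsed.scheme == "https" else 80))
        except (OSError, ValueError):  # gaierror is an OSError; bad port is a ValueError
            return False, f"cannot resolve {host!r}"
        addresses = {info[4][0] for info in infos}
    if not addresses:
        return False, f"no addresses for {host!r}"
    # Every resolved address must be public; one internal record is enough to reject.
    for addr in sorted(addresses):
        if not is_public_address(addr):
            return False, f"{host!r} resolves to non-public address {addr}"
    return True, "ok"

# Constructed DNS table so the example runs offline; hostnames and addresses are samples.
FAKE_DNS = {"files.example.com": ["93.184.216.34"], "db.internal": ["10.0.0.5"],
            "dual.example.com": ["93.184.216.34", "127.0.0.1"]}

def fake_resolver(host, port, *args, **kwargs):
    """Stand-in for socket.getaddrinfo: yields (family, type, proto, canonname, sockaddr)."""
    if host not in FAKE_DNS:
        raise socket.gaierror(f"unknown host {host}")
    return [(socket.AF_INET, socket.SOCK_STREAM, 6, "", (ip, port)) for ip in FAKE_DNS[host]]
```

Resolving at validation time does not by itself stop DNS rebinding, because the HTTP client resolves the name again when it connects; a production guard should also pin the connection to the checked address or re-validate in the client's connection hook.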
Source: This report was generated using AI