CVE-2026-24178: About NVIDIA NVFlare Dashboard (29th Apr 2026)

Preface: NVIDIA FLARE allows researchers and data scientists to adapt existing ML/DL workflows to the federated learning paradigm.

Background: A critical Insecure Direct Object Reference (IDOR) vulnerability was identified in the NVIDIA NVFlare Dashboard (CVE-2026-24178). In federated learning environments—where privacy is paramount (e.g., HIPAA-compliant medical research)—this flaw allowed unauthorized users to bypass access controls and interact with data belonging to other participants.

The Dashboard’s RESTful API previously relied on user-supplied identifiers (such as job_id or user_id) to retrieve records. While the system verified that a user was logged in (Authentication), it failed to verify if that user actually owned or was authorized to access the specific record requested (Authorization). This allowed an attacker to simply change a numeric ID in an API request to view, modify, or delete sensitive information outside their scope.

Vulnerability details: NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause an authorization bypass through a user-controlled key. A successful exploit of this vulnerability may lead to privilege escalation, data tampering, information disclosure, code execution, and denial of service.

Remediation: The Patch
The vulnerability is fully addressed in NVIDIA FLARE SDK v2.7.2. The fix implements Attribute-Based Access Control (ABAC) by:

  • Decoupling Trust: The backend no longer trusts the ID provided in the request URL/body as the sole source of authority.
  • Enforcing Ownership: Every database query now automatically injects an owner_id or org_id filter derived from a secure, server-side session.
  • Silent Rejection: Unauthorized requests now correctly return a 403 Forbidden error, ensuring data isolation between collaborating parties.
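The pattern the three bullets describe, as an added illustration rather than NVFlare's own code: a lookup that trusts the client-supplied id beside one whose ownership filter is derived from the server-side session. The record layout, the owner_id/org_id field names, the roles and the sample rows are all constructed for this example.

```python
"""Constructed example of an IDOR lookup and its session-scoped fix.
Not NVFlare Dashboard code; records, fields and roles are made up."""
from dataclasses import dataclass


class Forbidden(Exception):
    """Caller is authenticated but not authorized (HTTP 403)."""

class NotFound(Exception):
    """No record with that id (HTTP 404)."""

@dataclass(frozen=True)
class Session:
    """Server-side session: the only trusted source of identity."""
    user_id: int
    org_id: str
    role: str = "member"  # "org_admin" may see every job in its own org

# Constructed sample table: job id -> row.
JOBS = {
    101: {"owner_id": 1, "org_id": "hospital-a", "name": "seg-model-run"},
    102: {"owner_id": 2, "org_id": "hospital-b", "name": "fl-round-7"},
    103: {"owner_id": 3, "org_id": "hospital-a", "name": "baseline"},
}

def get_job_insecure(job_id: int) -> dict:
    """The IDOR shape: the row is fetched by the request id alone, so any
    logged-in user can read any job by changing the number."""
    if job_id not in JOBS:
        raise NotFound(job_id)
    return JOBS[job_id]

def _can_access(session: Session, row: dict) -> bool:
    """Ownership filter built from the session, never from the request."""
    is_owner = row["owner_id"] == session.user_id
    is_org_admin = session.role == "org_admin" and row["org_id"] == session.org_id
    return is_owner or is_org_admin

def get_job_scoped(session: Session, job_id: int) -> dict:
    """Hardened lookup: a record outside the caller's scope is a 403."""
    row = JOBS.get(job_id)
    if row is None:
        raise NotFound(job_id)
    if not _can_access(session, row):
        raise Forbidden(f"user {session.user_id} may not access job {job_id}")
    return row

def list_jobs_scoped(session: Session) -> list:
    """Listing endpoints get the same filter, so foreign ids never leak."""
    return [jid for jid, row in JOBS.items() if _can_access(session, row)]
```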

Official announcement: Please refer to the link for details –

https://nvidia.custhelp.com/app/answers/detail/a_id/5819
