Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionGitHub Advisory
Federated Learning and Interoperability Platform (FLIP) is an open-source platform for federated training and evaluation of medical imaging AI models across healthcare institutions. The FLIP login page in versions 0.1.1 and prior has no rate limiting or CAPTCHA, enabling brute-force and credential-stuffing attacks. FLIP users are external to the organization, increasing credential reuse risk. As of time of publication, it is unclear if a patch is available.
AnalysisAI
The FLIP login page in versions 0.1.1 and prior lacks rate limiting and CAPTCHA protection, enabling unauthenticated remote attackers to conduct brute-force and credential-stuffing attacks against user accounts. The vulnerability affects the Federated Learning and Interoperability Platform, an open-source medical imaging AI training system where users are typically external to host organizations, amplifying the risk of credential reuse. While the CVSS score is low (2.7), the attack vector is network-based, requires no authentication or interaction, and directly enables unauthorized account access with potential integrity impact.
Technical ContextAI
The vulnerability stems from inadequate input validation and missing rate-limiting controls on the authentication endpoint (CWE-307: Improper Restriction of Rendered UI Layers or Frames). FLIP is a federated learning platform designed for collaborative medical imaging AI model training across healthcare institutions. The login mechanism lacks protective mechanisms such as exponential backoff, account lockout, or CAPTCHA challenges that would slow or block repeated authentication attempts. This is a classic implementation flaw in the authentication layer where the platform prioritizes availability over brute-force resilience. The affected product is distributed as open-source software via GitHub (CPE: cpe:2.3:a:londonaicentre:flip:*:*:*:*:*:*:*:*), making the vulnerability and attack surface publicly visible to all developers and potential attackers.
RemediationAI
Implement immediate compensating controls: deploy a web application firewall or reverse proxy with rate-limiting rules (e.g., 5 failed attempts per 15 minutes per source IP, account lockout after 10 failures) and enable CAPTCHA challenges after 3 consecutive failed login attempts. Upgrade to the patched version once available-check the GitHub security advisory at https://github.com/londonaicentre/FLIP/security/advisories/GHSA-p34f-488j-5cwv for release details. In the interim, consider requiring multi-factor authentication for all user accounts to reduce the impact of credential compromise, and audit login logs for suspicious authentication patterns indicating active brute-force attempts. No vendor-released patch version is independently confirmed at time of analysis; contact London AI Centre via the GitHub advisory channel for patch availability and timeline.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-16818