Mitigation: Users should update to Ollama version 0.17.1, which includes a patch for this vulnerability. More generally, they should deploy an authentication proxy or API gateway in front of all Ollama instances and never expose them to the internet without IP access filters and firewalls.”If your Ollama server was internet-accessible, assume environment variables and secrets in memory may be compromised,” Cyera said. “Rotate API keys, tokens, and credentials immediately.”On local networks, Ollama servers should also be isolated on secure network segments and behind firewalls. This general security advice pertains to all AI frameworks and AI agent frameworks, which are being increasingly targeted by attackers.Vulnerability management programs should monitor such tools, and their presence on networks should be regularly audited because employees might deploy such frameworks and tools without their company’s permission and knowledge.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4168584/ollama-vulnerability-highlights-danger-of-ai-frameworks-with-unrestricted-access.html
