The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2020-17519, the issue relates to a case of improper access control that could allow an attacker to read any file on the local filesystem of the JobManager through its REST interface.
This also means that a remote unauthenticated attacker could send a specially crafted directory traversal request that could permit unauthorized access to sensitive information.
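For defenders reviewing access logs from a reverse proxy in front of a REST interface, the following added example (not from the original article or from the Flink project) flags requests whose path contains a `..` segment once percent-encoding has been fully undone, including double-encoded forms that a single decode pass misses. The log format, IP addresses, and paths are constructed for illustration and are assumptions, not Flink's actual endpoints.

```python
import re
from urllib.parse import unquote

# Request line inside a Common Log Format entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
MAX_DECODE_ROUNDS = 5  # bound the loop so hostile input cannot spin it


def decode_fully(target):
    """Percent-decode until the value stops changing; return (value, rounds)."""
    rounds = 0
    while rounds < MAX_DECODE_ROUNDS:
        decoded = unquote(target)
        if decoded == target:
            break
        target, rounds = decoded, rounds + 1
    return target, rounds


def has_traversal(target):
    """True if the path part, once fully decoded, contains a '..' segment."""
    path = target.split("?", 1)[0]
    decoded, _ = decode_fully(path)
    return ".." in re.split(r"[/\\]", decoded)


def scan(lines):
    """Return (client_ip, raw_target, decode_rounds) for each suspicious request."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if m and has_traversal(m.group("target")):
            rounds = decode_fully(m.group("target").split("?", 1)[0])[1]
            hits.append((line.split(" ", 1)[0], m.group("target"), rounds))
    return hits


# Constructed sample log lines; IPs are documentation ranges, paths are hypothetical.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2021:10:00:00 +0000] "GET /status HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2021:10:00:05 +0000] "GET /files/..%2f..%2fconf%2fapp.yaml HTTP/1.1" 200 1843',
    '198.51.100.7 - - [01/Jan/2021:10:00:09 +0000] "GET /files/..%252f..%252fconf%252fapp.yaml HTTP/1.1" 200 1843',
    '192.0.2.10 - - [01/Jan/2021:10:01:00 +0000] "GET /files/report..v2.txt HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for ip, target, rounds in scan(SAMPLE_LOG):
        print(f"{ip} traversal after {rounds} decode round(s): {target}")
```

A hit that needed two decode rounds is worth prioritizing, since ordinary clients do not double-encode path separators.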
The vulnerability, which impacts Flink versions 1.11.0, 1.11.1, and 1.11.2, was addressed in January 2021 in versions 1.11.3 or 1.12.0.
The exact nature of the attacks exploiting the flaw is currently unknown, although Palo Alto Networks Unit 42 warned of extensive in-the-wild abuse between November 2020 and January 2021.
“A number of newly noticed exploits, together with CVE-2020-28188, CVE-2020-17519, and CVE-2020-29227, have emerged and were continuously being exploited in the wild as of late 2020 to early 2021,” security researchers Lei Xu, Yue Guan, and Vaibhav Singhal noted in April 2021.
In light of the active exploitation of CVE-2020-17519, federal agencies are recommended to apply the latest fixes by June 13, 2024, to secure their networks against active threats.