CISA Warns of Actively Exploited Apache Flink Security Vulnerability

Cyber Security

Products You May Like

May 23, 2024NewsroomThreat Intelligence / Vulnerability,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

Tracked as CVE-2020-17519, the issue relates to a case of improper access control that could allow an attacker to read any file on the local filesystem of the JobManager through its REST interface.

This also means that a remote unauthenticated attacker could send a specially crafted directory traversal request that could permit unauthorized access to sensitive information.

The vulnerability, which impacts Flink versions 1.11.0, 1.11.1, and 1.11.2, was addressed in January 2021 in versions 1.11.3 or 1.12.0.

Cybersecurity

The exact nature of the attacks exploiting the flaw is presently unknown, although Palo Alto Networks Unit 42 warned of extensive in-the-wild abuse between November 2020 and January 2021.

“Several newly observed exploits, including CVE-2020-28188, CVE-2020-17519, and CVE-2020-29227, have emerged and were continuously being exploited in the wild as of late 2020 to early 2021,” security researchers Lei Xu, Yue Guan, and Vaibhav Singhal noted in April 2021.

In light of the active exploitation of CVE-2020-17519, federal agencies are recommended to apply the latest fixes by June 13, 2024, to safeguard their networks against active threats.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

X Said to Be Developing Feature That Lets Users Disable Links in Post Replies
Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware
Amazon Prime Day 2024 Sale: Best Deals on Tablets From Apple, Samsung, OnePlus, and More
Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking
Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware

Leave a Reply

Your email address will not be published. Required fields are marked *