The U.S. Cybersecurity and Infrastructure Safety Company (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Identified Exploited Vulnerabilities (KEV) catalog, citing proof of lively exploitation.
Tracked as CVE-2020-17519, the problem pertains to a case of improper entry management that might enable an attacker to learn any file on the native filesystem of the JobManager by its REST interface.
This additionally implies that a distant unauthenticated attacker may ship a specifically crafted listing traversal request that might allow unauthorized entry to delicate info.
The vulnerability, which impacts Flink variations 1.11.0, 1.11.1, and 1.11.2, was addressed in January 2021 in variations 1.11.3 or 1.12.0.
The precise nature of the assaults exploiting the flaw is presently unknown, though Palo Alto Networks Unit 42 warned of intensive in-the-wild abuse between November 2020 and January 2021.
“A number of newly noticed exploits, together with CVE-2020-28188, CVE-2020-17519, and CVE-2020-29227, have emerged and have been constantly being exploited within the wild as of late 2020 to early 2021,” security researchers Lei Xu, Yue Guan, and Vaibhav Singhal famous in April 2021.
In gentle of the lively exploitation of CVE-2020-17519, federal companies are really helpful to use the most recent fixes by June 13, 2024, to safeguard their networks in opposition to lively threats.
