CVE-2020-17519

high-risk
Published 2021-01-05

A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.

Do I need to act?

!
94.3% chance of exploitation in next 30 days
EPSS score — higher than 6% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
!
1 public exploit available
49398
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Apache

References (35)

Exploit http://packetstormsecurity.com/files/160849/Apache-Flink-1.11.0-Arbitrary-File-R...
Mailing List http://www.openwall.com/lists/oss-security/2021/01/05/2
Mailing List https://lists.apache.org/thread.html/r0a433be10676f4fe97ca423d08f914e0ead341c901...
Mailing List https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a9...
Issue Tracking https://lists.apache.org/thread.html/r229167538863518738e02f4c1c5a8bb34c1d45dadc...
Issue Tracking https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93...
Issue Tracking https://lists.apache.org/thread.html/r28f17e564950d663e68cc6fe75756012dda62ac623...
Issue Tracking https://lists.apache.org/thread.html/r2fc60b30557e4a537c2a6293023049bd1c49fd92b5...
Mailing List https://lists.apache.org/thread.html/r4e1b72bfa789ea5bc20b8afe56119200ed25bdab0e...
Mailing List https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038...
Mailing List https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038...
Mailing List https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038...
Issue Tracking https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038...
Mailing List https://lists.apache.org/thread.html/r88b55f3ebf1f8f4e1cc61f030252aaef4b77060b56...
Mailing List https://lists.apache.org/thread.html/r88f427865fb6aa6e6378efe07632a1906b430365e1...
Mailing List https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be40...
Issue Tracking https://lists.apache.org/thread.html/ra8c96bf3ccb4e491f9ce87ba35f134b4449beb2a38...
Exploit http://packetstormsecurity.com/files/160849/Apache-Flink-1.11.0-Arbitrary-File-R...
Mailing List http://www.openwall.com/lists/oss-security/2021/01/05/2
Mailing List https://lists.apache.org/thread.html/r0a433be10676f4fe97ca423d08f914e0ead341c901...
and 15 more references
65
/ 100
high-risk
Severity 26/34 · High
Exploitability 34/34 · Critical
Exposure 5/34 · Minimal