cnvd - cnvd-2020-41505

cnvd-2020-41505

Vulnerability from cnvd

Title: Apache Flink注入漏洞

Description:

Apache Flink是美国阿帕奇软件（Apache Software）基金会的一款开源的分布式流数据处理引擎。该产品主要使用Java和Scala语言编写。

Apache Flink中存在安全漏洞。本地攻击者可借助特制请求利用该漏洞进行中间人攻击，入侵通过JMX与进程建立的连接，获取传递的数据。

Severity: 低

Patch Name: Apache Flink注入漏洞的补丁

Patch Description:

Apache Flink是美国阿帕奇软件（Apache Software）基金会的一款开源的分布式流数据处理引擎。该产品主要使用Java和Scala语言编写。

Apache Flink中存在安全漏洞。本地攻击者可借助特制请求利用该漏洞进行中间人攻击，入侵通过JMX与进程建立的连接，获取传递的数据。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://lists.apache.org/thread.html/r23e559dee1e69741557b5fe431846de1f1a5981356d0ddb9482df88a%40%3Cdev.flink.apache.org%3E

Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-1960

Impacted products

Name
['Apache Flink >=1.1.0，<=1.1.5', 'Apache Flink >=1.2.0，<=1.2.1', 'Apache Flink >=1.3.0，<=1.3.3', 'Apache Flink >=1.4.0，<=1.4.2', 'Apache Flink >=1.5.0，<=1.5.6', 'Apache Flink >=1.6.0，<=1.6.4', 'Apache Flink >=1.7.0，<=1.7.2', 'Apache Flink >=1.8.0，<=1.8.3', 'Apache Flink >=1.9.0，<=1.9.2', 'Apache Flink 1.10.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-1960"
    }
  },
  "description": "Apache Flink\u662f\u7f8e\u56fd\u963f\u5e15\u5947\u8f6f\u4ef6\uff08Apache Software\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90\u7684\u5206\u5e03\u5f0f\u6d41\u6570\u636e\u5904\u7406\u5f15\u64ce\u3002\u8be5\u4ea7\u54c1\u4e3b\u8981\u4f7f\u7528Java\u548cScala\u8bed\u8a00\u7f16\u5199\u3002\n\nApache Flink\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdb\u884c\u4e2d\u95f4\u4eba\u653b\u51fb\uff0c\u5165\u4fb5\u901a\u8fc7JMX\u4e0e\u8fdb\u7a0b\u5efa\u7acb\u7684\u8fde\u63a5\uff0c\u83b7\u53d6\u4f20\u9012\u7684\u6570\u636e\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://lists.apache.org/thread.html/r23e559dee1e69741557b5fe431846de1f1a5981356d0ddb9482df88a%40%3Cdev.flink.apache.org%3E",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-41505",
  "openTime": "2020-07-21",
  "patchDescription": "Apache Flink\u662f\u7f8e\u56fd\u963f\u5e15\u5947\u8f6f\u4ef6\uff08Apache Software\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90\u7684\u5206\u5e03\u5f0f\u6d41\u6570\u636e\u5904\u7406\u5f15\u64ce\u3002\u8be5\u4ea7\u54c1\u4e3b\u8981\u4f7f\u7528Java\u548cScala\u8bed\u8a00\u7f16\u5199\u3002\r\n\r\nApache Flink\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdb\u884c\u4e2d\u95f4\u4eba\u653b\u51fb\uff0c\u5165\u4fb5\u901a\u8fc7JMX\u4e0e\u8fdb\u7a0b\u5efa\u7acb\u7684\u8fde\u63a5\uff0c\u83b7\u53d6\u4f20\u9012\u7684\u6570\u636e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Flink\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Apache Flink \u003e=1.1.0\uff0c\u003c=1.1.5",
      "Apache Flink \u003e=1.2.0\uff0c\u003c=1.2.1",
      "Apache Flink \u003e=1.3.0\uff0c\u003c=1.3.3",
      "Apache Flink \u003e=1.4.0\uff0c\u003c=1.4.2",
      "Apache Flink \u003e=1.5.0\uff0c\u003c=1.5.6",
      "Apache Flink \u003e=1.6.0\uff0c\u003c=1.6.4",
      "Apache Flink \u003e=1.7.0\uff0c\u003c=1.7.2",
      "Apache Flink \u003e=1.8.0\uff0c\u003c=1.8.3",
      "Apache Flink \u003e=1.9.0\uff0c\u003c=1.9.2",
      "Apache Flink 1.10.0"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-1960",
  "serverity": "\u4f4e",
  "submitTime": "2020-05-15",
  "title": "Apache Flink\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2020-1960 (GCVE-0-2020-1960)

Vulnerability from cvelistv5

Published

2020-05-14 16:02

Modified

2024-08-04 06:54

Severity ?

CWE

Information Disclosure

Summary

A vulnerability in Apache Flink (1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 to 1.3.3, 1.4.0 to 1.4.2, 1.5.0 to 1.5.6, 1.6.0 to 1.6.4, 1.7.0 to 1.7.2, 1.8.0 to 1.8.3, 1.9.0 to 1.9.2, 1.10.0) where, when running a process with an enabled JMXReporter, with a port configured via metrics.reporter.reporter_name>.port, an attacker with local access to the machine and JMX port can execute a man-in-the-middle attack using a specially crafted request to rebind the JMXRMI registry to one under the attacker's control. This compromises any connection established to the process via JMX, allowing extraction of credentials and any other transferred data.

References

▼	URL	Tags
	https://lists.apache.org/thread.html/r23e559dee1e69741557b5fe431846de1f1a5981356d0ddb9482df88a%40%3Cdev.flink.apache.org%3E	x_refsource_MISC
	https://lists.apache.org/thread.html/r28f17e564950d663e68cc6fe75756012dda62ac623766bb9bc5e7034%40%3Cissues.flink.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r663cf0d5c386bba2f562d45ad484d786151a84f0b95e45e2b0fb8e50%40%3Cissues.flink.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d%40%3Cuser-zh.flink.apache.org%3E	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Apache Flink	Version: Apache Flink 1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 to 1.3.3, 1.4.0 to 1.4.2, 1.5.0 to 1.5.6, 1.6.0 to 1.6.4, 1.7.0 to 1.7.2, 1.8.0 to 1.8.3, 1.9.0 to 1.9.2, 1.10.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.339Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r23e559dee1e69741557b5fe431846de1f1a5981356d0ddb9482df88a%40%3Cdev.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20210106 [GitHub] [flink-web] zentol commented on a change in pull request #408: Add security page for Flink",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r28f17e564950d663e68cc6fe75756012dda62ac623766bb9bc5e7034%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20210107 [GitHub] [flink-web] rmetzger commented on a change in pull request #408: Add security page for Flink",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r663cf0d5c386bba2f562d45ad484d786151a84f0b95e45e2b0fb8e50%40%3Cissues.flink.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d%40%3Cuser-zh.flink.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Flink",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Apache Flink 1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 to 1.3.3, 1.4.0 to 1.4.2, 1.5.0 to 1.5.6, 1.6.0 to 1.6.4, 1.7.0 to 1.7.2, 1.8.0 to 1.8.3, 1.9.0 to 1.9.2, 1.10.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Apache Flink (1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 to 1.3.3, 1.4.0 to 1.4.2, 1.5.0 to 1.5.6, 1.6.0 to 1.6.4, 1.7.0 to 1.7.2, 1.8.0 to 1.8.3, 1.9.0 to 1.9.2, 1.10.0) where, when running a process with an enabled JMXReporter, with a port configured via metrics.reporter.reporter_name\u003e.port, an attacker with local access to the machine and JMX port can execute a man-in-the-middle attack using a specially crafted request to rebind the JMXRMI registry to one under the attacker\u0027s control. This compromises any connection established to the process via JMX, allowing extraction of credentials and any other transferred data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-02T05:06:38",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/r23e559dee1e69741557b5fe431846de1f1a5981356d0ddb9482df88a%40%3Cdev.flink.apache.org%3E"
        },
        {
          "name": "[flink-issues] 20210106 [GitHub] [flink-web] zentol commented on a change in pull request #408: Add security page for Flink",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r28f17e564950d663e68cc6fe75756012dda62ac623766bb9bc5e7034%40%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "[flink-issues] 20210107 [GitHub] [flink-web] rmetzger commented on a change in pull request #408: Add security page for Flink",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r663cf0d5c386bba2f562d45ad484d786151a84f0b95e45e2b0fb8e50%40%3Cissues.flink.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d%40%3Cuser-zh.flink.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2020-1960",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Flink",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Apache Flink 1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 to 1.3.3, 1.4.0 to 1.4.2, 1.5.0 to 1.5.6, 1.6.0 to 1.6.4, 1.7.0 to 1.7.2, 1.8.0 to 1.8.3, 1.9.0 to 1.9.2, 1.10.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in Apache Flink (1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 to 1.3.3, 1.4.0 to 1.4.2, 1.5.0 to 1.5.6, 1.6.0 to 1.6.4, 1.7.0 to 1.7.2, 1.8.0 to 1.8.3, 1.9.0 to 1.9.2, 1.10.0) where, when running a process with an enabled JMXReporter, with a port configured via metrics.reporter.reporter_name\u003e.port, an attacker with local access to the machine and JMX port can execute a man-in-the-middle attack using a specially crafted request to rebind the JMXRMI registry to one under the attacker\u0027s control. This compromises any connection established to the process via JMX, allowing extraction of credentials and any other transferred data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread.html/r23e559dee1e69741557b5fe431846de1f1a5981356d0ddb9482df88a%40%3Cdev.flink.apache.org%3E",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread.html/r23e559dee1e69741557b5fe431846de1f1a5981356d0ddb9482df88a%40%3Cdev.flink.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20210106 [GitHub] [flink-web] zentol commented on a change in pull request #408: Add security page for Flink",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r28f17e564950d663e68cc6fe75756012dda62ac623766bb9bc5e7034@%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20210107 [GitHub] [flink-web] rmetzger commented on a change in pull request #408: Add security page for Flink",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r663cf0d5c386bba2f562d45ad484d786151a84f0b95e45e2b0fb8e50@%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d@%3Cuser-zh.flink.apache.org%3E",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d@%3Cuser-zh.flink.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2020-1960",
    "datePublished": "2020-05-14T16:02:50",
    "dateReserved": "2019-12-02T00:00:00",
    "dateUpdated": "2024-08-04T06:54:00.339Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted