cnvd - cnvd-2024-39160

cnvd-2024-39160

Vulnerability from cnvd

Title: Apache NiFi远程代码执行漏洞

Description:

Apache NiFi是一款用于构建可靠、安全的数据管道的开源工具。它支持从各种来源收集、聚合和传输数据，并提供了强大的数据处理和转换功能。

Apache NiFi存在远程代码执行漏洞。该漏洞可以通过访问特定URL来配置一些处理器和控制器服务，从而使恶意代码得以执行。攻击者可以利用该漏洞执行任意代码，从而导致拒绝服务、获取敏感信息等恶意行为。

Severity: 高

Patch Name: Apache NiFi远程代码执行漏洞的补丁

Patch Description:

Apache NiFi是一款用于构建可靠、安全的数据管道的开源工具。它支持从各种来源收集、聚合和传输数据，并提供了强大的数据处理和转换功能。

Apache NiFi存在远程代码执行漏洞。该漏洞可以通过访问特定URL来配置一些处理器和控制器服务，从而使恶意代码得以执行。攻击者可以利用该漏洞执行任意代码，从而导致拒绝服务、获取敏感信息等恶意行为。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://nifi.apache.org/documentation/security/#CVE-2023-36542

Reference: https://lists.apache.org/thread/swnly3dzhhq9zo3rofc8djq77stkhbof https://nifi.apache.org/security.html#CVE-2023-36542 http://www.openwall.com/lists/oss-security/2023/07/29/1 http://seclists.org/fulldisclosure/2023/Jul/43

Impacted products

Name
Apache Nifi >=0.0.2，<=1.22.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-36542",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-36542"
    }
  },
  "description": "Apache NiFi\u662f\u4e00\u6b3e\u7528\u4e8e\u6784\u5efa\u53ef\u9760\u3001\u5b89\u5168\u7684\u6570\u636e\u7ba1\u9053\u7684\u5f00\u6e90\u5de5\u5177\u3002\u5b83\u652f\u6301\u4ece\u5404\u79cd\u6765\u6e90\u6536\u96c6\u3001\u805a\u5408\u548c\u4f20\u8f93\u6570\u636e\uff0c\u5e76\u63d0\u4f9b\u4e86\u5f3a\u5927\u7684\u6570\u636e\u5904\u7406\u548c\u8f6c\u6362\u529f\u80fd\u3002\n\nApache NiFi\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u901a\u8fc7\u8bbf\u95ee\u7279\u5b9aURL\u6765\u914d\u7f6e\u4e00\u4e9b\u5904\u7406\u5668\u548c\u63a7\u5236\u5668\u670d\u52a1\uff0c\u4ece\u800c\u4f7f\u6076\u610f\u4ee3\u7801\u5f97\u4ee5\u6267\u884c\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u4ece\u800c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3001\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u7b49\u6076\u610f\u884c\u4e3a\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://nifi.apache.org/documentation/security/#CVE-2023-36542",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-39160",
  "openTime": "2024-09-25",
  "patchDescription": "Apache NiFi\u662f\u4e00\u6b3e\u7528\u4e8e\u6784\u5efa\u53ef\u9760\u3001\u5b89\u5168\u7684\u6570\u636e\u7ba1\u9053\u7684\u5f00\u6e90\u5de5\u5177\u3002\u5b83\u652f\u6301\u4ece\u5404\u79cd\u6765\u6e90\u6536\u96c6\u3001\u805a\u5408\u548c\u4f20\u8f93\u6570\u636e\uff0c\u5e76\u63d0\u4f9b\u4e86\u5f3a\u5927\u7684\u6570\u636e\u5904\u7406\u548c\u8f6c\u6362\u529f\u80fd\u3002\r\n\r\nApache NiFi\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u901a\u8fc7\u8bbf\u95ee\u7279\u5b9aURL\u6765\u914d\u7f6e\u4e00\u4e9b\u5904\u7406\u5668\u548c\u63a7\u5236\u5668\u670d\u52a1\uff0c\u4ece\u800c\u4f7f\u6076\u610f\u4ee3\u7801\u5f97\u4ee5\u6267\u884c\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u4ece\u800c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3001\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u7b49\u6076\u610f\u884c\u4e3a\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache NiFi\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Nifi \u003e=0.0.2\uff0c\u003c=1.22.0"
  },
  "referenceLink": "https://lists.apache.org/thread/swnly3dzhhq9zo3rofc8djq77stkhbof\r\nhttps://nifi.apache.org/security.html#CVE-2023-36542\r\nhttp://www.openwall.com/lists/oss-security/2023/07/29/1\r\nhttp://seclists.org/fulldisclosure/2023/Jul/43",
  "serverity": "\u9ad8",
  "submitTime": "2023-08-10",
  "title": "Apache NiFi\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2023-36542 (GCVE-0-2023-36542)

Vulnerability from cvelistv5

Published

2023-07-29 07:12

Modified

2025-02-13 16:56

Severity ?

CWE

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Summary

Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Required Permission for referencing remote resources, restricting configuration of these components to privileged users. The permission prevents unprivileged users from configuring Processors and Controller Services annotated with the new Reference Remote Resources restriction. Upgrading to Apache NiFi 1.23.0 is the recommended mitigation.

References

▼	URL	Tags
	https://nifi.apache.org/security.html#CVE-2023-36542	release-notes
	https://lists.apache.org/thread/swnly3dzhhq9zo3rofc8djq77stkhbof	vendor-advisory
	http://seclists.org/fulldisclosure/2023/Jul/43
	http://www.openwall.com/lists/oss-security/2023/07/29/1

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache NiFi	Version: 0.0.2 ≤ 1.22.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:52:53.599Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "release-notes",
              "x_transferred"
            ],
            "url": "https://nifi.apache.org/security.html#CVE-2023-36542"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/swnly3dzhhq9zo3rofc8djq77stkhbof"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Jul/43"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/29/1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:nifi:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "nifi",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "1.22.0",
                "status": "affected",
                "version": "0.0.2",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-36542",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-03T13:50:05.694658Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-03T13:52:05.108Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache NiFi",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "1.22.0",
              "status": "affected",
              "version": "0.0.2",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "nbxiglk"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Required Permission for referencing remote resources, restricting configuration of these components to privileged users. The permission prevents unprivileged users from configuring Processors and Controller Services annotated with the new Reference Remote Resources restriction. Upgrading to Apache NiFi 1.23.0 is the recommended mitigation.\u003cbr\u003e"
            }
          ],
          "value": "Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Required Permission for referencing remote resources, restricting configuration of these components to privileged users. The permission prevents unprivileged users from configuring Processors and Controller Services annotated with the new Reference Remote Resources restriction. Upgrading to Apache NiFi 1.23.0 is the recommended mitigation."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-30T08:06:09.301Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://nifi.apache.org/security.html#CVE-2023-36542"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/swnly3dzhhq9zo3rofc8djq77stkhbof"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Jul/43"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/29/1"
        }
      ],
      "source": {
        "defect": [
          "NIFI-11744"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-06-19T12:00:00.000Z",
          "value": "reported"
        },
        {
          "lang": "en",
          "time": "2023-06-20T19:00:00.000Z",
          "value": "confirmed"
        },
        {
          "lang": "en",
          "time": "2023-06-21T16:00:00.000Z",
          "value": "resolved"
        }
      ],
      "title": "Apache NiFi: Potential Code Injection with Properties Referencing Remote Resources",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2023-36542",
    "datePublished": "2023-07-29T07:12:18.290Z",
    "dateReserved": "2023-06-22T21:15:24.126Z",
    "dateUpdated": "2025-02-13T16:56:21.633Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted