CISA Warns of Actively Exploited Apache Flink Security Vulnerability

A security issue affecting Apache Flink, an open-source, unified stream-processing and batch-processing framework, was added to the Known Exploited Vulnerabilities (KEV) database on Thursday by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), citing evidence of active exploitation.

Under incorrect access control, any file on the local filesystem of the JobManager could be accessed by an attacker via its REST interface. This problem is being tracked as CVE-2020-17519.

Additionally, this implies that a remote, unauthenticated attacker can submit a carefully constructed directory traversal request that would provide unwanted access to private data read more CISA Warns of Actively Exploited Apache Flink Security Vulnerability.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *