Apache Vulnerability

Apache Flink Directory Traversal Vulnerability (CVE-2020-17518/17519) Threat Alert

janeiro 13, 2021

Overview

Recently, Apache Flink announced two directory traversal vulnerabilities, CVE-2020-17518 and CVE-2020-17519. Currently, Apache Flink has released a new version to fix the preceding vulnerability. Affected users are advised to upgrade as soon as possible.

(mais…)

Apache DolphinScheduler High-Risk Vulnerabilities (CVE-2020-11974, CVE-2020-13922) Handling Guide

setembro 26, 2020

1. Vulnerability Description

On September 11, 2020, NSFOCUS detected that the Apache Software Foundation released security advisories fixing Apache DolphinScheduler permission overwrite vulnerability (CVE-2020-13922) and Apache DolphinScheduler remote code execution vulnerability (CVE-2020-11974). CVE-2020-11974 is related to mysql connectorj remote code execution vulnerability. When choosing mysql as database, an attacker could execute code remotely on the DolphinScheduler server by inputting {“detectCustomCollations”:true, “autoDeserialize”:true} through jdbc connect parameters. CVE-2020-13922 allows an ordinary user to overwrite other users’ passwords in the DolphinScheduler system through api interface /dolphinscheduler/users/update. Affected users are advised to upgrade without delay.

(mais…)

Apache Kylin Remote Code Execution Vulnerability (CVE-2020-1956) Threat Alert

junho 9, 2020

Vulnerability Description Recently, Apache released a security advisory to announce the fix of a remote code execution vulnerability (CVE-2020-1956) in Apache Kylin. Apache Kylin has some RESTful APIs that will associate OS commands with user-typed strings. As Apache Kylin fails to properly verify user inputs, an attacker could execute arbitrary system commands without authorization. Currently, […]

Apache Solr Remote Code Execution Vulnerability (CVE-2019-0193) Threat Alert

agosto 13, 2019

1 Vulnerability Overview

Recently, Apache Software Foundation (ASF) issued a security bulletin to announce the fix of the remote arbitrary code execution vulnerability (CVE-2019-0193) in Apache Solr. This vulnerability exists in the DataImportHandler module, a common module used to import data from databases or other sources. The whole DIH configuration of this module can come from the dataConfig parameter included in an external request. As a DIH configuration can contain scripts, this parameter is a security risk. (mais…)

Apache Axis Remote Code Execution Vulnerability (CVE-2019-0227) Threat Alert

abril 19, 2019

Overview

The default service StockQuoteService.jws in Axis contains a hard-coded HTTP URL, which can be used to trigger an HTTP request. An attacker can conduct a man-in-the-middle (MITM) attack by taking control of a domain (www.xmltoday.com) or performing ARP poisoning against the targeted Axis server, and then redirect the HTTP request to a malicious web server before remotely executing code on the Apache Axis server (CVE-2019-0227). (mais…)

Apache HTTP Server Privilege Escalation Vulnerability (CVE-2019-0211) Threat Alert

abril 8, 2019

Overview

Recently, Apache Software Foundation released a security advisory, announcing remediation of a privilege escalation vulnerability (CVE-2019-0211) in the Apache HTTP Server. Apache HTTP Server running MPM event, worker or prefork could allow an attacker to gain elevated privileges on the system by executing code in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter). By manipulating the scoreboard, an attacker could exploit this vulnerability to gain privileges of the parent process (usually root) and execute arbitrary code on the system. (mais…)