CVE-2020-17519 - Apache Flink Improper Access Control Vulnerability
CVE-2020-17519
Apache | Flink
- Date Added:
- 2024-05-23
- Due Date:
- 2024-06-13
- Vulnerability Name
Apache Flink Improper Access Control Vulnerability
- Description
Apache Flink contains an improper access control vulnerability that allows an attacker to read any file on the local filesystem of the JobManager through its REST interface.
- Known To Be Used in Ransomware Campaigns?
Unknown
- Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Additional Notes
- This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://lists.apache.org/thread/typ0h03zyfrzjqlnb7plh64df1g2383d; https://nvd.nist.gov/vuln/detail/CVE-2020-17519
Free online web security scanner