GitHub Advisory DatabaseGHSA-9W4G-FP9H-3Q2VApache Flume vulnerable to remote code execution via deserialization of unsafe providerURL
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
79.5%
Flume’s JMSSource class can be configured with a providerUrl parameter. A JNDI lookup is performed on this name without performing validation. This could result in untrusted data being deserialized, leading to remote code execution (RCE) attack when a configuration uses a JMS Source with an unsafe providerURL. This issue is fixed in version 1.11.0.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| org.apache.flume.flume-ng-sources | flume-jms-source | * | cpe:2.3:a:org.apache.flume.flume-ng-sources:flume-jms-source:*:*:*:*:*:*:*:* |
References
github.com/advisories/GHSA-9w4g-fp9h-3q2v
github.com/apache/flume/commit/eee179a09df405c1ab55ae25a53b76ca1050bb97
issues.apache.org/jira/browse/FLUME-3437
lists.apache.org/thread/1ckhmp539zr2nd2rs45pocpywk2d9zvz
lists.apache.org/thread/939wkx8o90bp6m2ht3t1sdyo1ncypl78
nvd.nist.gov/vuln/detail/CVE-2022-42468
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
79.5%