CISA Issues Alert over Active Exploitation of Apache Flink Vulnerability
May 23, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) catalog to include a security flaw affecting Apache Flink, an open-source unified stream-processing and batch-processing framework. This inclusion is based on evidence of active exploitation of the flaw.
The vulnerability, tracked as CVE-2020-17519, is a directory traversal flaw in the REST interface of the Flink JobManager, which CISA classifies as improper access control. A remote, unauthenticated attacker can send a specially crafted request to that interface and read any file on the JobManager host's local filesystem. The one limit is the JobManager's own privileges: only files readable by the JobManager process can be retrieved, which is why running the process as an unprivileged user narrows, but does not close, the exposure.
The flaw was introduced in Flink 1.11.0 and affects versions 1.11.0, 1.11.1, and 1.11.2. It is fixed in versions 1.11.3 and 1.12.0, and the Flink project disclosed the issue in January 2021, directing all users whose Flink instances are exposed to upgrade to one of those releases.
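As an added example (not code from the article or from the Apache Flink project), the Python below packages the two checks a defender would want from the details above: whether a reported Flink version falls in the affected range, and whether access logs for the JobManager's REST interface contain traversal attempts. It assumes the vulnerable endpoint is /jobmanager/logs/<filename> (the article only says "REST interface"), that an attacker may percent-encode the traversal more than once (so the path is decoded until it stops changing), and that the input is a set of constructed reverse-proxy access-log lines in the common "combined" format.

```python
"""Added example for CVE-2020-17519 (not from the article or the Flink project).

Assumptions, labelled because the article does not state them:
  * the vulnerable endpoint is /jobmanager/logs/<filename>;
  * attackers may double-percent-encode the traversal (e.g. %252f);
  * access-log lines come from a reverse proxy in combined format.
"""
import re
from typing import Dict, List, Tuple
from urllib.parse import unquote

# Versions the article names as affected. The flaw was introduced in 1.11.0,
# so earlier releases are not in the set; 1.11.3 and 1.12.0 carry the fix.
AFFECTED_VERSIONS = {(1, 11, 0), (1, 11, 1), (1, 11, 2)}

LOG_ENDPOINT_PREFIX = "/jobmanager/logs/"  # assumed endpoint, see module docstring

# client - - [timestamp] "METHOD /path HTTP/x" status ...
ACCESS_LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_version(version: str) -> Tuple[int, int, int]:
    """Reduce '1.11.2' or '1.11.2-SNAPSHOT' to (1, 11, 2)."""
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised Flink version: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return major, minor, patch


def is_affected(version: str) -> bool:
    """True if the version is one the article lists as vulnerable."""
    return parse_version(version) in AFFECTED_VERSIONS


def fully_decode(path: str, max_rounds: int = 5) -> str:
    """Percent-decode until the string stops changing (bounded, so hostile input cannot loop).

    One pass turns '..%252f' into '..%2f'; only the second pass yields '../'.
    """
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def is_traversal_attempt(request_path: str) -> bool:
    """Flag a log-endpoint request whose file name tries to leave the log directory.

    The endpoint expects a bare file name, so any path separator or '..' segment
    after the prefix is an attempt, whether or not the server honoured it.
    """
    path = fully_decode(request_path.split("?", 1)[0])
    if not path.startswith(LOG_ENDPOINT_PREFIX):
        return False
    filename = path[len(LOG_ENDPOINT_PREFIX):]
    segments = filename.replace("\\", "/").split("/")
    return len(segments) > 1 or ".." in segments


def scan_access_log(text: str) -> List[Dict[str, object]]:
    """One record per line whose request path is a traversal attempt.

    A 2xx status on a flagged line means a file outside the log directory was
    served, and the host should be handled as compromised, not merely probed.
    """
    hits = []
    for line in text.splitlines():
        m = ACCESS_LINE_RE.match(line)
        if not m:
            continue  # not a line we understand; skip rather than guess
        if is_traversal_attempt(m["path"]):
            hits.append({
                "src": m["src"],
                "timestamp": m["ts"],
                "path": m["path"],
                "decoded": fully_decode(m["path"].split("?", 1)[0]),
                "status": int(m["status"]),
                "likely_success": m["status"].startswith("2"),
            })
    return hits


# Constructed sample log: two legitimate requests, then a double-encoded and a
# single-encoded traversal attempt. Addresses and statuses are invented.
SAMPLE_ACCESS_LOG = """\
10.0.0.5 - - [12/Dec/2020:10:01:02 +0000] "GET /overview HTTP/1.1" 200 512
10.0.0.5 - - [12/Dec/2020:10:01:03 +0000] "GET /jobmanager/logs/flink-jobmanager.log HTTP/1.1" 200 9001
203.0.113.7 - - [12/Dec/2020:10:02:44 +0000] "GET /jobmanager/logs/..%252f..%252f..%252f..%252fetc%252fpasswd HTTP/1.1" 200 1437
203.0.113.7 - - [12/Dec/2020:10:02:45 +0000] "GET /jobmanager/logs/%2e%2e/%2e%2e/etc/shadow HTTP/1.1" 500 0
"""

if __name__ == "__main__":
    for v in ("1.11.2", "1.11.3", "1.12.0"):
        print(f"Flink {v}: {'AFFECTED' if is_affected(v) else 'not affected'}")
    for hit in scan_access_log(SAMPLE_ACCESS_LOG):
        label = "LIKELY SUCCESS" if hit["likely_success"] else "attempt"
        print(f"{hit['timestamp']} {hit['src']} {label}: {hit['decoded']}")
```

The decode-until-stable step is what separates this from a naive grep for "../": a single urldecode of the first attempt still contains "%2f" and would be missed. The version check is deliberately an exact match on the three releases the article names rather than a "less than 1.11.3" comparison, so that 1.10.x clusters, which never shipped the vulnerable code path, are not reported as affected.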
The specifics of the attacks now exploiting this flaw are not known. However, Palo Alto Networks Unit 42 previously reported extensive in-the-wild abuse of the vulnerability between November 2020 and January 2021, which means exploitation began before the issue was publicly disclosed. In April 2021, security researchers Lei Xu, Yue Guan, and Vaibhav Singhal wrote: 'Several newly observed exploits, including CVE-2020-28188, CVE-2020-17519, and CVE-2020-29227, have emerged and were continuously being exploited in the wild as of late 2020 to early 2021.'
Given the ongoing exploitation of CVE-2020-17519, CISA has set a June 13, 2024 deadline for Federal Civilian Executive Branch agencies to apply the fixes, as required for KEV entries under Binding Operational Directive 22-01. Operators outside the federal government running Flink 1.11.0 through 1.11.2 should treat the same date as an upper bound, and should also confirm that the JobManager REST interface is not reachable from untrusted networks while they upgrade.