Subj : Apache Flink flaw is back, and being actively exploited
To   : All
From : TechnologyDaily
Date : Fri May 24 2024 12:45:05

Apache Flink flaw is back, and being actively exploited

Date:
Fri, 24 May 2024 11:30:10 +0000

Description:
An improper access control flaw is being actively exploited, CISA is warning.

FULL STORY
======================================================================

The US Cybersecurity and Infrastructure Security Agency (CISA) recently added 
a three-year-old vulnerability to its Known Exploited Vulnerabilities (KEV) 
catalog, thus warning federal agencies that hackers are actively exploiting 
it to compromise devices without endpoint protection . 

The vulnerability in question is an improper access control flaw found in 
Apache Flink back in January 2021. 

Apache Flink is an open-source stream-processing framework developed and 
maintained by the Apache Software Foundation. It is designed to process large 
volumes of data in real time with low latency and high throughput. A deadline 
for patching 

The flaw is tracked as CVE-2020-17519. It was discovered in early January 
2021, and was never given a specific severity score. 

Still, the Apache Software Foundation fixed it in a timely manner, by 
applying a fix, The Register reports. Vulnerable versions include Flink 
1.11.0, 1.11.1, and 1.11.2. Fixed versions are 1.11.3, and 1.12.0. 

A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 
as well) allows attackers to read any file on the local filesystem of the 
JobManager through the REST interface of the JobManager process, the Apache 
Software Foundation explained at the time. Access is restricted to files 
accessible by the JobManager process. 

Adding the bug to the KEV, CISA also gave federal agencies a deadline by 
which they should either apply the patch, or stop using the vulnerable 
software altogether - June 13. Obviously, firms in the private sector should 
do the same, as hackers rarely skip a potential target, regardless of the 
industry it is in. 

Unfortunately, CISA did not share additional details about the vulnerability 
or its exploiters, so we dont know who the threat actors are, or who the 
victims might be. We also dont know how many firms may have been compromised 
this way already, or what the attackers are using it for. More from TechRadar 
Pro BreachForums hacking forum admin sentenced to 20 years supervised release 
Here's a list of the best firewalls today These are the best endpoint 
protection tools right now



======================================================================
Link to news story:
https://www.techradar.com/pro/security/apache-flink-flaw-is-back-and-being-act
ively-exploited


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.