CVE-2020-17519
Description
A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.
Severity: HIGH
CVE ID: CVE-2020-17519
CVSS Score: 7.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Proof Of Concept
Nuclei Templates for CVE-2020-17519
Refrence: Project Discovery GitHub
B1anda0
Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)
Refrence: GitHub
QmF0c3UK
Refrence: GitHub
dolevf
Apache Flink Directory Traversal (CVE-2020-17519) Nmap NSE Script
Refrence: GitHub
hoanx4
CVE-2020-17519
Refrence: GitHub
murataydemir
[CVE-2020-17519] Apache Flink RESTful API Arbitrary File Read
Refrence: GitHub
radbsie
CVE-2020-17519 EXP
Refrence: GitHub
yaunsky
CVE-2020-17519; Apache Flink 任意文件读取; 批量检测
Refrence: GitHub
Osyanina
A vulnerability scanner that detects CVE-2020-17519 vulnerabilities.
Refrence: GitHub
givemefivw
CVE-2020-17519 Cheetah
Refrence: GitHub
MrCl0wnLab
Tool check: CVE-2021-41773, CVE-2021-42013, CVE-2020-17519
Refrence: GitHub
zhangweijie11
Refrence: GitHub