COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2020-17519

CVE-2020-17519

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2024-05-23
Reference
https://nvd.nist.gov/vuln/detail/CVE-2020-17519
⌖ exploited in the wild shame 50/100 exploited-in-wild

Apache Flink contains an improper access control vulnerability that allows an attacker to read any file on the local filesystem of the JobManager through its REST interface.

Players implicated

apache · vendorFlink · product

Description

Apache Flink contains an improper access control vulnerability that allows an attacker to read any file on the local filesystem of the JobManager through its REST interface.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.