CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog

CISA adds Apache Flink improper access control vulnerability to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a NextGen Healthcare Mirth Connect vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.

The issue, tracked as CVE-2020-17519, is an improper access control vulnerability in Apache Flink.

Apache Flink contains an improper access control vulnerability that allows an attacker to read any file on the local filesystem of the JobManager through its REST interface.

An improper access control vulnerability occurs when an application or system does not adequately restrict user permissions, allowing unauthorized users to access resources, perform actions, or obtain data they should not be able to. This type of vulnerability can lead to unauthorized access, data breaches, and other security issues.

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts recommend also private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix these vulnerabilities by June 13, 2024.

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, Apache Flink)