CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jun 13, 2024
High
CISA KEVCVE-2020-17519
Apache—Flink
Apache Flink contains an improper access control vulnerability that allows an attacker to read any file on the local filesystem of the JobManager through its REST interface.
Required Action
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://lists.apache.org/thread/typ0h03zyfrzjqlnb7plh64df1g2383d; https://nvd.nist.gov/vuln/detail/CVE-2020-17519
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- May 23, 2024
- KEV Added
- May 23, 2024
- Due Date
- Jun 13, 2024
- Related Articles
- 0
Vendor
Apache
Flink