Source: GitHub Advisory Database, GHSA-QM2H-M799-86RC
History: Apr 10, 2023, 9:30 a.m.

Apache Linkis JDBC EngineConn has deserialization vulnerability

Published: 2023-04-10 09:30:15
Weakness: CWE-502 (Deserialization of Untrusted Data)
Tags: apache linkis, jdbc engineconn, deserialization vulnerability, mysql, remote code execution, upgrade

CVSS3: 9.8 (Critical)

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.024 (percentile 89.9%)

In Apache Linkis <= 1.3.1, the JDBC EngineConn module does not effectively filter the parameters of a user-supplied MySQL JDBC URL. An attacker who can configure malicious MySQL JDBC parameters in the JDBC EngineConn module can therefore make the driver deserialize attacker-controlled data, which ultimately leads to remote code execution on the engine host. Dangerous parameters in the MySQL JDBC URL must be blocked (blacklisted) before a connection is opened. Users should upgrade Linkis to version 1.3.2, which adds this filtering.
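The kind of parameter screen the advisory calls for, written here as an added example (editor's code, not the Linkis project's own 1.3.2 fix, whose implementation this page does not show). It assumes the driver is MySQL Connector/J and that the properties worth blocking are the ones that let a connection string drive deserialization or client-side file reads: autoDeserialize, the interceptor hooks (statementInterceptors, queryInterceptors, connectionLifecycleInterceptors, exceptionInterceptors) and allowLoadLocalInfile with its relatives. The advisory itself names no keys, so that list is an assumption. It also assumes Connector/J accepts properties in the query string, in the `(host=..,key=..)` host form and in the `address=(key=..)` form, and URL-decodes property names, so the check runs over the decoded whole URL rather than only the part after `?`. The sample URLs in `main` are constructed for the demonstration; the interceptor class name in the second one is the Connector/J 8.x `ServerStatusDiffInterceptor` that is commonly paired with `autoDeserialize` in rogue-server attacks. Requires Java 11 or later.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/**
 * Screens a user-supplied MySQL JDBC URL for Connector/J properties that turn a
 * connection string into code execution or file disclosure. Editor's example for
 * this advisory, not Linkis code; the key list below is an assumption, since the
 * advisory names no specific parameters.
 */
public final class JdbcUrlGuard {

    private static final Set<String> FORBIDDEN_KEYS = Set.of(
            "autodeserialize",                 // getObject() deserialises BLOB bytes sent by the server
            "statementinterceptors",           // Connector/J 5.1: load an arbitrary interceptor class
            "queryinterceptors",               // Connector/J 8.x name for the same hook
            "connectionlifecycleinterceptors",
            "exceptioninterceptors",
            "allowloadlocalinfile",            // a rogue server can read files from the client host
            "allowloadlocalinfileinpath",
            "allowurlinlocalinfile"
    );

    // "<key>=" wherever it occurs: after "?" or "&", and inside the "(host=..,key=..)" and
    // "address=(key=..)" host forms, so a property smuggled into the host section is caught too.
    private static final Pattern KEY_ASSIGNMENT =
            Pattern.compile("(?<![a-z0-9])([a-z0-9]+)\\s*=", Pattern.CASE_INSENSITIVE);

    private JdbcUrlGuard() {}

    /** Returns the forbidden property names found in the URL (empty list if none). */
    public static List<String> findForbidden(String jdbcUrl) {
        String decoded;
        try {
            // Connector/J URL-decodes property names, so "%61utoDeserialize" must be compared decoded.
            decoded = URLDecoder.decode(jdbcUrl, StandardCharsets.UTF_8);
        } catch (IllegalArgumentException malformedEscape) {
            decoded = jdbcUrl; // compare the raw string rather than letting a malformed URL through
        }
        List<String> hits = new ArrayList<>();
        Matcher m = KEY_ASSIGNMENT.matcher(decoded);
        while (m.find()) {
            String key = m.group(1).toLowerCase(Locale.ROOT);
            if (FORBIDDEN_KEYS.contains(key) && !hits.contains(key)) {
                hits.add(key);
            }
        }
        return hits;
    }

    /** Returns the URL unchanged, or throws if it is not a MySQL URL or carries a forbidden property. */
    public static String requireSafe(String jdbcUrl) {
        if (jdbcUrl == null || !jdbcUrl.toLowerCase(Locale.ROOT).startsWith("jdbc:mysql:")) {
            throw new IllegalArgumentException("not a MySQL JDBC URL");
        }
        List<String> bad = findForbidden(jdbcUrl);
        if (!bad.isEmpty()) {
            throw new IllegalArgumentException("forbidden JDBC parameter(s): " + bad);
        }
        return jdbcUrl;
    }

    public static void main(String[] args) {
        // Constructed sample URLs: one benign, three that carry the same kind of payload in different places.
        String[] samples = {
            "jdbc:mysql://db.internal:3306/linkis?useSSL=true&characterEncoding=UTF-8",
            "jdbc:mysql://evil.example:3306/x?autoDeserialize=true"
                + "&queryInterceptors=com.mysql.cj.jdbc.interceptors.ServerStatusDiffInterceptor",
            "jdbc:mysql://evil.example:3306/x?%61utoDeserialize=true",
            "jdbc:mysql://address=(host=evil.example)(port=3306)(autoDeserialize=true)/x"
        };
        for (String url : samples) {
            List<String> bad = findForbidden(url);
            System.out.println((bad.isEmpty() ? "ALLOW  " : "REJECT " + bad + "  ") + url);
        }
    }
}
```

Call `requireSafe` on the URL before handing it to `DriverManager.getConnection`. Scanning the decoded whole string is deliberately conservative: a `%26autoDeserialize=true` hidden inside a password value is rejected as well, which is a false positive worth accepting. A stricter design is an allowlist of the handful of properties the engine actually needs (user, password, useSSL, characterEncoding and the like) with everything else rejected; a blacklist only keeps pace with the driver properties you already know about.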

Affected configurations

Vulners node: org.apache.linkis:linkis-engineconn, range < 1.3.2

Vendor / Product / Version / CPE:
org.apache.linkis / linkis-engineconn / * / cpe:2.3:a:org.apache.linkis:linkis-engineconn:*:*:*:*:*:*:*:*
