Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:27 a.m.10 views

CVE-2021-33191

From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. This "patching" command defaults to calling a trusted binary, but might be modified to an arbitrary value through a "c2-update" command. Said command ...

9.8CVSS7AI score0.04024EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-19906

Malware in sbrugna...

9.8CVSS9.4AI score0.04024EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2025/02/11 6:31 p.m.7 views

org.apache.nifi.minifi:minifi-assembly (>=1.22.0 <=1.28.0), org.apache.nifi.minifi:minifi-c2-assembly (>=1.22.0 <=1.28.0) +22 more potentially affected by CVE-2024-52067 via org.apache.nifi:nifi-framework-core (>=1.16.0 <=1.28.0)

org.apache.nifi:nifi-framework-core MAVEN version =1.16.0, =1.22.0, =1.22.0, =1.22.0, =0.1.0, =0.1.0, =1.22.0, =1.22.0, =0.1.0, =0.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.2 and more Source cves: CVE-2024-52067 Source advisory: OSV:GHSA-V3VC-6QCV-4VRX...

6.9CVSS5.8AI score0.00737EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/10/30 12:0 a.m.5 views

The vulnerability of the InvokeHTTP component in the Apache NiFi MiNiFi data processing platform, which exists due to insufficient verification of certificate authenticity, allows attackers to compromise data integrity.

The vulnerability of the InvokeHTTP component in the Apache NiFi MiNiFi data processing platform exists due to insufficient verification of certificate authenticity. Exploiting this vulnerability allows an attacker to compromise data integrity from a remote location...

5.9CVSS6.2AI score0.00419EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/09/03 4:15 p.m.30 views

CVE-2023-41180

Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14 allows an intermediary to present a forged certificate during TLS handshake negotation. The Disable Peer Verification property of InvokeHTTP was effectively flipped, disabling verification by default,...

5.9CVSS5.7AI score0.00419EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/03 3:52 p.m.15 views

CVE-2023-41180 Apache NiFi MiNiFi C++: Incorrect Certificate Validation in InvokeHTTP for MiNiFi C++

Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14 allows an intermediary to present a forged certificate during TLS handshake negotation. The Disable Peer Verification property of InvokeHTTP was effectively flipped, disabling verification by default,...

6.8AI score0.00419EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/03 12:0 a.m.5 views

PT-2023-6523 · Apache · Apache Nifi Minifi C++

Name of the Vulnerable Software and Affected Versions: Apache NiFi MiNiFi C++ versions 0.13 through 0.14 Description: The issue is related to incorrect certificate validation in the InvokeHTTP component, allowing an intermediary to present a forged certificate during TLS handshake negotiation. Th...

5.9CVSS5.5AI score0.00419EPSS
Exploits0References7
OSV
OSV
added 2021/08/24 12:15 p.m.15 views

CVE-2021-33191

From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. This "patching" command defaults to calling a trusted binary, but might be modified to an arbitrary value through a "c2-update" command. Said command ...

9.8CVSS7AI score0.04024EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2019/10/25 7:42 p.m.4 views

org.apache.nifi.minifi:minifi-assembly (>=1.14.0 <=1.28.1), org.apache.nifi.minifi:minifi-c2-assembly (>=0.2.0 <=1.28.1) +27 more potentially affected by CVE-2017-15703 via org.apache.nifi:nifi-framework-cluster-protocol (>=0.0.1-incubating <=1.4.0)

org.apache.nifi:nifi-framework-cluster-protocol MAVEN version =0.0.1-incubating, =1.14.0, =0.2.0, =0.2.0, =0.0.1, =0.0.1, =0.0.1, =1.14.0, =1.14.0, =0.0.1, =0.0.1, =1.0.0, =0.0.1-incubating, =1.0.0, =0.0.1-incubating, =0.0.1-incubating, =1.15.3 and more Source cves: CVE-2017-15703 Source advisory...

5CVSS5.9AI score0.00862EPSS
Exploits0
Rows per page
Query Builder