Lucene search
K

15 matches found

Nuclei
Nuclei
added yesterday109 views

Apache Flink - Local File Inclusion

Apache Flink 1.11.0 and released in 1.11.1 and 1.11.2 as well allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process aka local file inclusion. id: CVE-2020-17519 info: name: Apache Flink - Local File Inclusion author: pdtea...

9.1CVSS7.1AI score0.97856EPSS
Exploits14References5
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.227 views

Apache Flink JobManager Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Flink JobManager Traversal', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Apache Flink...

9.1CVSS7.4AI score0.97856EPSS
Exploits14
The Hacker News
The Hacker News
added 2024/05/23 4:44 p.m.28 views

CISA Warns of Actively Exploited Apache Flink Security Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a security flaw impacting Apache Flink, an open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. Tracked as...

10CVSS7.3AI score0.97856EPSS
Exploits18
Rapid7 Blog
Rapid7 Blog
added 2021/02/26 7:23 p.m.205 views

Metasploit Wrap-Up

Hey who finked about Flink? In this week's round of modules, contributor bcoles offered up two modules to leverage that Apache Flink install you found in some fun new ways. If you are just looking to filch a few files, auxiliary/scanner/http/apacheflinkjobmanagertraversal leverages CVE-2020-17519...

7.2CVSS8.7AI score0.99295EPSS
Exploits95
Metasploit
Metasploit
added 2021/02/23 5:41 p.m.55 views

Apache Flink JobManager Traversal

This module exploits an unauthenticated directory traversal vulnerability in Apache Flink versions 1.11.0 use auxiliary/scanner/http/apacheflinkjobmanagertraversal msf auxiliaryapacheflinkjobmanagertraversal show actions ...actions... msf auxiliaryapacheflinkjobmanagertraversal set ACTION msf...

9.1CVSS7.8AI score0.97856EPSS
Exploits14
GithubExploit
GithubExploit
added 2021/01/18 2:3 a.m.72 views

Exploit for Files or Directories Accessible to External Parties in Apache Flink

CVE-2020-17519 Apache Flink Arbitrary File Reading Vulnerabil...

9.1CVSS7.3AI score0.97856EPSS
Exploits14
Check Point Advisories
Check Point Advisories
added 2021/01/17 12:0 a.m.9 views

Apache Flink Directory Traversal (CVE-2020-17518; CVE-2020-17519)

A directory traversal vulnerability exists in Apache Flink. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

5CVSS5.2AI score0.97856EPSS
Exploits14
GithubExploit
GithubExploit
added 2021/01/10 1:24 a.m.169 views

Exploit for Files or Directories Accessible to External Parties in Apache Flink

CVE-2020-17519 Apache Flink RESTful API Arbitrary File Read -...

9.1CVSS7.5AI score0.97856EPSS
Exploits14
Packet Storm
Packet Storm
added 2021/01/08 12:0 a.m.269 views

Apache Flink 1.11.0 Arbitrary File Read / Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Flink File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Apache Fli...

0.4AI score0.97856EPSS
Exploits14
Circl
Circl
added 2021/01/08 12:0 a.m.23 views

CVE-2020-17519

creationtimestamp| type| source ---|---|--- 2021-01-08 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/49398 2021-02-23 15:29:39+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/apacheflinkjobmanagertraversal.rb 2021-03-17...

9.1CVSS7.1AI score0.97856EPSS
In wildExploits14References22
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.275 views

Apache Flink 1.11.0 - Unauthenticated Arbitrary File Read (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Flink File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Apache Fli...

9.1CVSS7.7AI score0.97856EPSS
Exploits14
GithubExploit
GithubExploit
added 2021/01/06 2:15 a.m.122 views

Exploit for Files or Directories Accessible to External Parties in Apache Flink

Usage & Disclaimer This script addresses a directory travers...

9.1CVSS7.3AI score0.97856EPSS
Exploits14
NVD
NVD
added 2021/01/05 12:15 p.m.19 views

CVE-2020-17519

A change introduced in Apache Flink 1.11.0 and released in 1.11.1 and 1.11.2 as well allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users shou...

9.1CVSS7.2AI score0.97856EPSS
Exploits14References17
Cvelist
Cvelist
added 2021/01/05 11:40 a.m.21 views

CVE-2020-17519 Apache Flink directory traversal attack: reading remote files through the REST API

A change introduced in Apache Flink 1.11.0 and released in 1.11.1 and 1.11.2 as well allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users shou...

7.2AI score0.97856EPSS
Exploits14References16
Vulnrichment
Vulnrichment
added 2021/01/05 11:40 a.m.25 views

CVE-2020-17519 Apache Flink directory traversal attack: reading remote files through the REST API

A change introduced in Apache Flink 1.11.0 and released in 1.11.1 and 1.11.2 as well allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users shou...

6.4AI score0.97856EPSS
Exploits14References16
Rows per page
Query Builder