Information Disclosure

2020-10-0201:39:55

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

46.9%

JSON

nifi-framework-core is vulnerable to information disclosure. The vulnerability exists as confidential information from the flow definition configuration JSON could be printed in plaintext.

CPENameOperatorVersion
nifi-framework-corele1.11.4

CPE	Name	Operator	Version
	nifi-framework-core	le	1.11.4

References

github.com/apache/nifi/commit/148537d64a017b73160b0d49943183c18f883ab0

github.com/apache/nifi/pull/4222

issues.apache.org/jira/browse/NIFI-7377

nifi.apache.org/security#CVE-2020-9486

0.001 Low

EPSS

Percentile

46.9%

JSON

Related for VERACODE:27504