Network Security, Vulnerability Management, Threat Intelligence

CISA adds years-old Apache Flink bug to KEV catalog

The Cybersecurity and Infrastructure Security Agency (CISA) emblem is seen at its headquarters in Arlington, Va.

Ongoing attacks leveraging an improper access control flaw in open source framework Apache Flink, tracked as CVE-2020-17519, have prompted the security issue's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the bug by June 13, according to The Hacker News.

Intrusions leveraging the flaw, which affects Flink versions 1.11.0, 1.11.1, and 1.11.2, could facilitate the reading of any file on the JobManager's local filesystem, as well as unauthorized data access through directory traversal requests.
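Directory-traversal reads of the kind described above generally show up in HTTP access logs as requests whose path carries a `..` segment, often percent-encoded or double-encoded to slip past naive filters. The following is an added example, not code from SC Media, Unit 42 or the Apache Flink project: it scans constructed sample access-log lines (the log format, paths and client addresses are assumptions; Flink itself does not necessarily write such a log, so a proxy in front of the JobManager is assumed) for traversal attempts, decoding repeatedly so double-encoded variants are caught, and it checks a Flink version string against the affected range the article lists.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (common log format); not real Flink traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [12/May/2024:10:01:02 +0000] "GET /jobs/overview HTTP/1.1" 200 512
10.0.0.7 - - [12/May/2024:10:01:05 +0000] "GET /static/app.js HTTP/1.1" 200 8192
10.0.0.9 - - [12/May/2024:10:02:11 +0000] "GET /logs/..%2F..%2Fsecret.txt HTTP/1.1" 200 1024
10.0.0.9 - - [12/May/2024:10:02:13 +0000] "GET /logs/..%252F..%252Fsecret.txt HTTP/1.1" 200 1024
10.0.0.11 - - [12/May/2024:10:03:00 +0000] "GET /logs/a..b.log HTTP/1.1" 200 64
"""

# Affected versions as listed in the article (1.11.0, 1.11.1, 1.11.2).
AFFECTED_VERSIONS = {(1, 11, 0), (1, 11, 1), (1, 11, 2)}

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def fully_decode(target: str, max_rounds: int = 3) -> str:
    """Percent-decode until the string stops changing, defeating double encoding."""
    current = target
    for _ in range(max_rounds):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current


def is_traversal(target: str) -> bool:
    """True if the decoded request path contains a '..' path segment.

    Only whole segments count, so a filename such as 'a..b.log' is not flagged.
    Backslashes are treated as separators in case the service runs on Windows.
    """
    path = fully_decode(target).split("?", 1)[0].replace("\\", "/")
    return ".." in path.split("/")


def scan_log(text: str) -> list:
    """Return one record per request that looks like a directory-traversal attempt."""
    hits = []
    for line in text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target = match.group("target")
        if is_traversal(target):
            hits.append({
                "client": line.split(" ", 1)[0],
                "raw_target": target,
                "decoded_target": fully_decode(target),
                # a 200 on a traversal request deserves more attention than a 4xx
                "status": int(line.rsplit(" ", 2)[-2]),
            })
    return hits


def is_affected_version(version: str) -> bool:
    """True if a Flink version string (e.g. '1.11.1') is in the affected set."""
    try:
        parts = tuple(int(p) for p in version.split(".")[:3])
    except ValueError:
        return False
    return parts in AFFECTED_VERSIONS


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['client']} -> {hit['decoded_target']} (HTTP {hit['status']})")
    print("1.11.1 affected:", is_affected_version("1.11.1"))
```

The segment-based check is deliberately conservative: it flags any `..` segment, whether or not it actually escapes the document root, because legitimate clients rarely send unnormalised paths, and a successful (HTTP 200) hit is the one to triage first.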

No details regarding the attacks exploiting the flaw have been provided, but threat actors were previously reported by Palo Alto Networks Unit 42 to have been extensively leveraging the flaw from November 2020 to January 2021.

"Several newly observed exploits, including CVE-2020-28188, CVE-2020-17519, and CVE-2020-29227, have emerged and were continuously being exploited in the wild as of late 2020 to early 2021," said Unit 42 researchers then.
