Published: 12/06/2023 Updated: 21/06/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 up to and including 1.21.0 allow an authenticated and authorized user to configure URL and library properties that enable deserialization of untrusted data from a remote location. The resolution validates the JNDI URL and restricts locations to a set of allowed schemes. You are recommended to upgrade to version 1.22.0 or later which fixes this issue.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache nifi

发布一些我发现的漏洞以及利用脚本。

SecVulList-Veraxy00 分享一些我发现的漏洞，涉及细节和利用。 Apache Flink远程代码执行漏洞 Apache Flink Web UI 默认没有用户权限认证，攻击者可以直接上传恶意Jar包，通过指定Kafka数据源连接属性，利用Apache Kafka JNDI注入(CVE-2023-25194)漏洞[1]攻击Flink，最终实现远程代码执行。 [1] kafkaapacheor

CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi

CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi The JndiJmsConnectionFactoryProvider Controller Service along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 180 through 1210 allow an authenticated and authorized user to configure URL and library properties that enable deserialization of untrusted data from a remote location Vendor Dis

发布一些我发现的漏洞以及利用脚本。

SecVulList-Veraxy00 分享一些我发现的漏洞，涉及细节和利用。 Apache Flink远程代码执行漏洞 Apache Flink Web UI 默认没有用户权限认证，攻击者可以直接上传恶意Jar包，通过指定Kafka数据源连接属性，利用Apache Kafka JNDI注入(CVE-2023-25194)漏洞[1]攻击Flink，最终实现远程代码执行。 [1] kafkaapacheor

CWE-502 https://lists.apache.org/thread/w5rm46fxmvxy216tglf0dv83wo6gnzr5 https://nifi.apache.org/security.html#CVE-2023-34212 http://www.openwall.com/lists/oss-security/2023/06/12/2 https://nvd.nist.gov https://github.com/Veraxy00/SecVulList-Veraxy00

CVE-2023-34212

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect