CISA includes ancient Apache Flink bug in KEV collection

May 26, 2024


TLDR:

Ongoing attacks exploiting an access control flaw in Apache Flink have prompted CISA to add the bug to its KEV catalog. Federal agencies are urged to remediate the bug by June 13.

Key points:

  • Improper access control flaw in Apache Flink (CVE-2020-17519) added to CISA’s KEV catalog
  • Attacks leverage the flaw in Flink versions 1.11.0, 1.11.1, and 1.11.2, allowing unauthorized data access

Recent attacks exploiting an improper access control flaw in Apache Flink have led to the bug being added to the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog. The flaw, tracked as CVE-2020-17519, affects Apache Flink versions 1.11.0, 1.11.1, and 1.11.2 and can be abused through directory traversal requests to gain unauthorized access to data.

No specific details about the attacks exploiting the flaw have been provided, but Palo Alto Networks Unit 42 previously reported that threat actors were heavily leveraging the bug from November 2020 to January 2021. Unit 42 researchers highlighted the emergence of newly observed exploits for vulnerabilities including CVE-2020-28188, CVE-2020-17519, and CVE-2020-29227, which were continuously being exploited in the wild from late 2020 to early 2021.

Federal agencies have been urged to remediate the bug by June 13 to mitigate the risk of further intrusions leveraging this vulnerability. The addition of this years-old Apache Flink bug to the KEV catalog underscores the ongoing importance of addressing known vulnerabilities to enhance overall cybersecurity posture.

