|
Message-ID: <CAN8tF9eTKbaD9CsAxuDHmnEQu6RD4fUZCVPbAhHSjF0VdBK+gg@mail.gmail.com> Date: Wed, 3 Jun 2020 13:31:52 +0300 From: Юрий <jury.gerzhedowich@...il.com> To: oss-security@...ts.openwall.com Subject: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability CVE-2020-1963: Apache Ignite access to file system through predefined H2 SQL functions Severity: Critical Vendor: The Apache Software Foundation Versions Affected: All versions of Apache Ignite up to 2.8 Impact An attacker can use embedded H2 SQL functions to access a filesystem for write and read. Description: Apache Ignite uses H2 database to build SQL distributed execution engine. H2 provides SQL functions which could be used by attacker to access to a filesystem. Mitigation: Ignite 2.8 or earlier users should upgrade to 2.8.1 In case SQL is not used at all the issue could be mitigated by removing ignite-indexing.jar from Ignite classpath Risk could be partially mitigated by using non privileged user to start Apache Ignite. Credit: This issue was discovered by Sriveena Mattaparthi of ekaplus.com -- Живи с улыбкой! :D
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.