HTTP: Apache Flink FileUploadHandler Arbitrary File Upload

This signature detects attempts to exploit a known vulnerability against Apache Flink. A successful attack can lead to arbitrary code execution.

Extended Description

Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit a5264a6f41524afe8ceadf1d8ddc8c80f323ebc4 from apache/flink:master.

Affected Products

Apache flink

Short Name
HTTP:APACHE:FLINK-FILUPHAND-AFU
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apache Arbitrary CVE-2020-17518 File FileUploadHandler Flink Upload
Release Date
03/30/2021
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3501
False Positive
Unknown
Vendors

Apache

CVSS Score

5.0

Found a potential security threat?