cvelistv5 - cve-2023-46801

CVE-2023-46801 (GCVE-0-2023-46801)

Vulnerability from cvelistv5 – Published: 2024-07-15 07:55 – Updated: 2024-09-13 17:03

Title

Apache Linkis DataSource: DataSource Remote code execution vulnerability

Summary

In Apache Linkis <= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version < 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. We recommend that users upgrade the java version to >= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.

Severity ?

No CVSS data available.

CWE

CWE-502 - Deserialization of Untrusted Data

Assigner

apache

References

URL

Tags

https://lists.apache.org/thread/0dnzh64xy1n7qo3rg…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Linkis DataSource	Affected: 1.4.0 , < 1.6.0 (maven)

Credits

Pho3n1x

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linkis",
            "vendor": "apache",
            "versions": [
              {
                "lessThan": "1.6.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-46801",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-15T13:16:05.304946Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-15T13:16:09.548Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-09-13T17:03:56.293Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/07/13/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.linkis:linkis-metadata-query-service-jdbc",
          "product": "Apache Linkis DataSource",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "1.6.0",
              "status": "affected",
              "version": "1.4.0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Pho3n1x "
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nIn Apache Linkis \u0026lt;= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version \u0026lt; 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. \n\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\u0026nbsp; We recommend that users upgrade the java version to \u0026gt;= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.\n\n"
            }
          ],
          "value": "\nIn Apache Linkis \u003c= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version \u003c 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. \n\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\u00a0 We recommend that users upgrade the java version to \u003e= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.\n\n"
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502 Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T07:55:29.702Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Linkis DataSource: DataSource Remote code execution vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2023-46801",
    "datePublished": "2024-07-15T07:55:29.702Z",
    "dateReserved": "2023-10-26T14:22:57.897Z",
    "dateUpdated": "2024-09-13T17:03:56.293Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.4.0\", \"versionEndExcluding\": \"1.6.0\", \"matchCriteriaId\": \"5F9BA8E6-F548-4333-989B-33F7B4362998\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"\\nIn Apache Linkis \u003c= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version \u003c 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. \\n\\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\\u00a0 We recommend that users upgrade the java version to \u003e= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.\\n\\n\"}, {\"lang\": \"es\", \"value\": \"En Apache Linkis \u0026lt;= 1.5.0, el m\\u00f3dulo de administraci\\u00f3n de fuentes de datos, al agregar una fuente de datos Mysql, existe una vulnerabilidad de ejecuci\\u00f3n remota de c\\u00f3digo para la versi\\u00f3n de Java \u0026lt;1.8.0_241. La vulnerabilidad de deserializaci\\u00f3n explotada mediante jrmp puede inyectar archivos maliciosos en el servidor y ejecutarlos. Este ataque requiere que el atacante obtenga una cuenta autorizada de Linkis antes de poder llevarse a cabo. Recomendamos que los usuarios actualicen la versi\\u00f3n de Java a \u0026gt;= 1.8.0_241. O los usuarios actualizan Linkis a la versi\\u00f3n 1.6.0.\"}]",
      "id": "CVE-2023-46801",
      "lastModified": "2024-11-21T08:29:20.047",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2024-07-15T08:15:02.253",
      "references": "[{\"url\": \"https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/13/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@apache.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@apache.org\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-46801\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2024-07-15T08:15:02.253\",\"lastModified\":\"2024-11-21T08:29:20.047\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\nIn Apache Linkis \u003c= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version \u003c 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. \\n\\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\u00a0 We recommend that users upgrade the java version to \u003e= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.\\n\\n\"},{\"lang\":\"es\",\"value\":\"En Apache Linkis \u0026lt;= 1.5.0, el m\u00f3dulo de administraci\u00f3n de fuentes de datos, al agregar una fuente de datos Mysql, existe una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo para la versi\u00f3n de Java \u0026lt;1.8.0_241. La vulnerabilidad de deserializaci\u00f3n explotada mediante jrmp puede inyectar archivos maliciosos en el servidor y ejecutarlos. Este ataque requiere que el atacante obtenga una cuenta autorizada de Linkis antes de poder llevarse a cabo. Recomendamos que los usuarios actualicen la versi\u00f3n de Java a \u0026gt;= 1.8.0_241. O los usuarios actualizan Linkis a la versi\u00f3n 1.6.0.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.4.0\",\"versionEndExcluding\":\"1.6.0\",\"matchCriteriaId\":\"5F9BA8E6-F548-4333-989B-33F7B4362998\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/13/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/13/6\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-09-13T17:03:56.293Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-46801\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-15T13:16:05.304946Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*\"], \"vendor\": \"apache\", \"product\": \"linkis\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.6.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-15T13:15:53.724Z\"}}], \"cna\": {\"title\": \"Apache Linkis DataSource: DataSource Remote code execution vulnerability\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Pho3n1x \"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"moderate\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Linkis DataSource\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.4.0\", \"lessThan\": \"1.6.0\", \"versionType\": \"maven\"}], \"packageName\": \"org.apache.linkis:linkis-metadata-query-service-jdbc\", \"collectionURL\": \"https://repo.maven.apache.org/maven2\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"\\nIn Apache Linkis \u003c= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version \u003c 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. \\n\\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\\u00a0 We recommend that users upgrade the java version to \u003e= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\nIn Apache Linkis \u0026lt;= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version \u0026lt; 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. \\n\\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\u0026nbsp; We recommend that users upgrade the java version to \u0026gt;= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.\\n\\n\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-502\", \"description\": \"CWE-502 Deserialization of Untrusted Data\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2024-07-15T07:55:29.702Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-46801\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-13T17:03:56.293Z\", \"dateReserved\": \"2023-10-26T14:22:57.897Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2024-07-15T07:55:29.702Z\", \"assignerShortName\": \"apache\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2023-46801

Vulnerability from fkie_nvd - Published: 2024-07-15 08:15 - Updated: 2024-11-21 08:29

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@apache.org	https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx	Mailing List, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2024/07/13/6
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx	Mailing List, Vendor Advisory

Impacted products

	Vendor	Product	Version
	apache	linkis	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F9BA8E6-F548-4333-989B-33F7B4362998",
              "versionEndExcluding": "1.6.0",
              "versionStartIncluding": "1.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "\nIn Apache Linkis \u003c= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version \u003c 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. \n\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\u00a0 We recommend that users upgrade the java version to \u003e= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.\n\n"
    },
    {
      "lang": "es",
      "value": "En Apache Linkis \u0026lt;= 1.5.0, el m\u00f3dulo de administraci\u00f3n de fuentes de datos, al agregar una fuente de datos Mysql, existe una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo para la versi\u00f3n de Java \u0026lt;1.8.0_241. La vulnerabilidad de deserializaci\u00f3n explotada mediante jrmp puede inyectar archivos maliciosos en el servidor y ejecutarlos. Este ataque requiere que el atacante obtenga una cuenta autorizada de Linkis antes de poder llevarse a cabo. Recomendamos que los usuarios actualicen la versi\u00f3n de Java a \u0026gt;= 1.8.0_241. O los usuarios actualizan Linkis a la versi\u00f3n 1.6.0."
    }
  ],
  "id": "CVE-2023-46801",
  "lastModified": "2024-11-21T08:29:20.047",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-07-15T08:15:02.253",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2024/07/13/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "security@apache.org",
      "type": "Secondary"
    }
  ]
}

CNVD-2024-33596

Vulnerability from cnvd - Published: 2024-07-18

Title

Apache Linkis代码问题漏洞

Description

Apache Linkis是美国阿帕奇（Apache）基金会的一款中间件产品，可以在上层应用和底层数据引擎之间建立起有效的连接。 Apache Linkis 1.6.0之前版本存在代码问题漏洞，该漏洞源于数据源管理模块在添加Mysql数据源时存在远程代码执行漏洞，攻击者可利用该漏洞将恶意文件注入服务器并执行。

Severity

高

Patch Name

Apache Linkis代码问题漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx

Reference

https://cxsecurity.com/cveshow/CVE-2023-46801/

Impacted products

Name
Apache linkis <1.6.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-46801"
    }
  },
  "description": "Apache Linkis\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u4e2d\u95f4\u4ef6\u4ea7\u54c1\uff0c\u53ef\u4ee5\u5728\u4e0a\u5c42\u5e94\u7528\u548c\u5e95\u5c42\u6570\u636e\u5f15\u64ce\u4e4b\u95f4\u5efa\u7acb\u8d77\u6709\u6548\u7684\u8fde\u63a5\u3002\n\nApache Linkis 1.6.0\u4e4b\u524d\u7248\u672c\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u6570\u636e\u6e90\u7ba1\u7406\u6a21\u5757\u5728\u6dfb\u52a0Mysql\u6570\u636e\u6e90\u65f6\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u6076\u610f\u6587\u4ef6\u6ce8\u5165\u670d\u52a1\u5668\u5e76\u6267\u884c\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-33596",
  "openTime": "2024-07-18",
  "patchDescription": "Apache Linkis\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u4e2d\u95f4\u4ef6\u4ea7\u54c1\uff0c\u53ef\u4ee5\u5728\u4e0a\u5c42\u5e94\u7528\u548c\u5e95\u5c42\u6570\u636e\u5f15\u64ce\u4e4b\u95f4\u5efa\u7acb\u8d77\u6709\u6548\u7684\u8fde\u63a5\u3002\r\n\r\nApache Linkis 1.6.0\u4e4b\u524d\u7248\u672c\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u6570\u636e\u6e90\u7ba1\u7406\u6a21\u5757\u5728\u6dfb\u52a0Mysql\u6570\u636e\u6e90\u65f6\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u6076\u610f\u6587\u4ef6\u6ce8\u5165\u670d\u52a1\u5668\u5e76\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Linkis\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache linkis \u003c1.6.0"
  },
  "referenceLink": "https://cxsecurity.com/cveshow/CVE-2023-46801/",
  "serverity": "\u9ad8",
  "submitTime": "2024-07-17",
  "title": "Apache Linkis\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e"
}

GHSA-JJVC-V8GW-5255

Vulnerability from github – Published: 2024-07-15 09:36 – Updated: 2024-07-15 17:36

Summary

Apache Linkis DataSource remote code execution vulnerability

Details

This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. We recommend that users upgrade the java version to >= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

7.7 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.linkis:linkis-datasource"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.4.0"
            },
            {
              "fixed": "1.6.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-46801"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-07-15T17:36:37Z",
    "nvd_published_at": "2024-07-15T08:15:02Z",
    "severity": "HIGH"
  },
  "details": "In Apache Linkis \u003c= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version \u003c 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. \n\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\u00a0 We recommend that users upgrade the java version to \u003e= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.\n\n",
  "id": "GHSA-jjvc-v8gw-5255",
  "modified": "2024-07-15T17:36:38Z",
  "published": "2024-07-15T09:36:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46801"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/linkis"
    },
    {
      "type": "WEB",
      "url": "https://linkis.apache.org/download/release-notes-1.6.0"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Apache Linkis DataSource remote code execution vulnerability"
}

GSD-2023-46801

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2023-46801

Aliases

CVE-2023-46801

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-46801",
    "id": "GSD-2023-46801"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-46801"
      ],
      "id": "GSD-2023-46801",
      "modified": "2023-12-13T01:20:53.311640Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2023-46801",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-46801 (GCVE-0-2023-46801)

FKIE_CVE-2023-46801

CNVD-2024-33596

GHSA-JJVC-V8GW-5255

GSD-2023-46801

Tags

Sightings

Nomenclature