CVE-2018-1320

7.5HIGH

Key Information:

Vendor: Apache
Status: Apache Thrift
Vendor: CVE Published:; 7 January 2019

Summary

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making the validation incomplete.

Affected Version(s)

Apache Thrift Apache Thrift 0.5.0 to 0.11.0

References

https://lists.apache.org/thread.html/da5234b5e78f1c991904...

x_refsource_MISC

http://www.securityfocus.com/bid/106551

vdb-entryx_refsource_BID

https://lists.debian.org/debian-lts-announce/2019/02/msg0...

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 7, 2019
Vulnerability Reserved
Dec 7, 2017

.