LDAP Injection Vulnerability in Apache Druid by Apache
CVE-2020-1958

6.5MEDIUM

Key Information:

Vendor
Apache
Status
Apache Druid
Vendor
CVE Published:
1 April 2020

Badges

👾 Exploit Exists🟡 Public PoC

Summary

The vulnerability allows attackers to bypass the credentials validation process by exploiting LDAP authentication in Apache Druid 0.17.0. Valid LDAP credentials permit access to Druid APIs without the necessary filters, potentially leading to unauthorized access to sensitive LDAP attribute values. While attackers must still adhere to role-based authorization checks, they can retrieve data that is visible to the Druid server, raising concerns about user information exposure and overall security integrity.

Affected Version(s)

Apache Druid 0.17.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2020-1958
Created by ggolawski

References

https://lists.apache.org/thread.html/r9d437371793b410f8a8...
x_refsource_MISC
https://lists.apache.org/thread.html/r1526dbce98a138629a4...
mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rffabc9e83cc2831bbee...
mailing-listx_refsource_MLIST

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.