Apache NiFi: Potential Code Injection with Database Services using H2
CVE-2023-34468

8.8HIGH

Key Information:

Vendor
Apache
Status
Apache Nifi
Vendor
CVE Published:
12 June 2023

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC🟣 EPSS 72%πŸ“° News Worthy

Summary

The DBCPConnectionPool and HikariCPConnectionPool services in Apache NiFi versions 0.0.2 through 1.21.0 are susceptible to a vulnerability that allows an authenticated and authorized user to configure a Database URL leveraging the H2 driver, leading to potential execution of custom code. The recommended resolution involves validating the Database URL and rejecting H2 JDBC locations to mitigate this risk. Users are advised to upgrade to version 1.22.0 or later to address this issue effectively.

Affected Version(s)

Apache NiFi 0.0.2 <= 1.21.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-34468
Created by mbadanoiu

News Articles

favicon imageThe Hacker News

OpenRefine's Zip Slip Vulnerability Could Let Attackers Execute Malicious Code

A severe "Zip Slip" vulnerability in OpenRefine data cleanup and transformation tool could lead to code execution attacks.

1 year ago

References

https://nifi.apache.org/security.html#CVE-2023-34468
release-notes
https://lists.apache.org/thread/7b82l4f5blmpkfcynf3y6z4x1...
vendor-advisory
http://www.openwall.com/lists/oss-security/2023/06/12/3

EPSS Score

72% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ“°

    First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved

Credit

Matei "Mal" Badanoiu
.