Huajie Wang

**Name of the Vulnerable Software and Affected Versions** Streampark versions prior to 2.1.2 **Description** The issue arises in the Streampark platform when users log in and utilize certain features, specifically those providing name-based fuzzy search functionality for items like job names and role names. The SQL syntax used is `select * from table where jobName like '%jobName%'`. However, the `jobName` field is susceptible to receiving illegal parameters, which can lead to SQL injection and potentially result in information leakage. **Recommendations** For versions prior to 2.1.2, users are recommended to upgrade to version 2.1.2, which fixes the issue. As a temporary workaround, consider restricting the use of the fuzzy search feature until the upgrade is applied. Additionally, users should avoid using the `jobName` field in the affected SQL syntax until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** streampark versions prior to 2.1.2 **Description** The issue is related to the project module in streampark that integrates Maven's compilation capability. There is no check on the compilation parameters of Maven, allowing attackers to insert commands for remote command execution. The prerequisite for a successful attack is that the user needs to log in to the streampark system and have system-level permissions. Generally, only users of that system have the authorization to log in, and users would not manually input a dangerous operation command. Therefore, the risk level of this issue is very low. **Recommendations** All users should upgrade to 2.1.2 to mitigate the risk. As a temporary workaround, consider restricting access to the Maven compilation parameters to minimize the risk of exploitation. Avoid using the `settings.xml` file in the `/usr/share/java/maven-3/conf/` directory with untrusted input until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Apache StreamPark versions prior to 2.0.0 **Description** The issue allows any user to upload a jar as an application without mandatory verification of the uploaded file type. This enables users to upload high-risk files and potentially upload them to any directory. **Recommendations** For versions prior to 2.0.0, upgrade to Apache StreamPark 2.0.0 or later. As a temporary workaround, consider restricting the upload functionality to prevent users from uploading high-risk files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Apache StreamPark versions 1.0.0 through 1.0.0 **Description** The issue arises when a user successfully logs in and attempts to modify their profile. The `username` is passed to the server-layer as a parameter but is not verified to ensure it matches the currently logged-in user or if the user is legitimate. This oversight allows malicious attackers to send any `username` to modify and reset the account. **Recommendations** For Apache StreamPark versions 1.0.0, upgrade to Apache StreamPark 2.0.0 or later.

**Nome do software vulnerável e versões afetadas** Apache StreamPark, versões 1.0.0 a 2.0.0 **Descrição** O problema está relacionado a uma vulnerabilidade de injeção LDAP, que é um tipo de ataque utilizado para explorar aplicativos baseados na web que constroem instruções LDAP com base nas entradas do usuário. Quando um aplicativo não consegue sanitizar adequadamente as entradas do usuário, é possível modificar instruções LDAP por meio de técnicas semelhantes à injeção de SQL. Isso pode resultar na concessão de permissões para consultas não autorizadas e na modificação de conteúdo dentro da árvore LDAP. O risco pode ocorrer apenas quando o usuário faz login via LDAP, e o login com nome de usuário e senha não será afetado. **Recomendações** Para as versões 1.0.0 a 2.0.0 do Apache StreamPark, atualize para o Apache StreamPark 2.0.0 ou posterior para resolver o problema. Como solução alternativa temporária, considere restringir o acesso à funcionalidade LDAP até que a atualização seja aplicada. Além disso, os usuários devem ter cuidado ao fazer login com LDAP para minimizar o risco de exploração.