CVE-2020-17519

Name of the Vulnerable Software and Affected Versions: Apache Flink versions 1.11.0 through 1.11.2

Description: A change introduced in Apache Flink allows attackers to read any file on the local filesystem of the JobManager through the REST interface. Access is restricted to files accessible by the JobManager process. The vulnerability was actively exploited between November 2020 and January 2021, and is now listed in CISA’s Known Exploited Vulnerabilities catalog. A proof-of-concept (PoC) exploit is available, demonstrating a directory traversal attack via the /jobmanager/logs endpoint.

Recommendations: Upgrade to Apache Flink version 1.11.3 or 1.12.0.