7.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-5635

GHSA ID

GHSA-jgj9-6v78-6g8m

EPSS Score

0.77364%

CWE

CWE-287

Published

5/13/2022

Updated

1/30/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2017-5635

CVE-2017-5635: Improper Authentication In Apache NiFi

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user.

(GitHub Advisory)

7.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-5635

GHSA ID

GHSA-jgj9-6v78-6g8m

EPSS Score

0.77364%

CWE

CWE-287

Published

5/13/2022

Updated

1/30/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.nifi:nifi	maven	< 0.7.2	0.7.2
org.apache.nifi:nifi	maven	>= 1.0.0, < 1.1.2	1.1.2

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper proxy chain handling during cluster request replication. Key functions identified are:

ProxiedEntitiesUtils.getProxiedEntities - Directly responsible for parsing and constructing user identity chains. The security advisory specifically mentions proxy chain validation changes here.
ApplicationResource.createClusterRequest - The entry point for cluster request handling where user identity propagation occurs. The medium confidence comes from indirect evidence in advisory descriptions about request replication behavior. The functions were selected based on the patch description mentioning proxy chain iteration changes and cluster request handling improvements. The first function's role in identity resolution makes it the primary vulnerable component.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In *p**** Ni*i ***or* *.*.* *n* *.x ***or* *.*.* in * *lust*r *nvironm*nt, i* *n *nonymous us*r r*qu*st is r*pli**t** to *not**r no**, t** ori*in*tin* no** i**ntity is us** r*t**r t**n t** "*nonymous" us*r.

Reasoning

T** vuln*r**ility st*ms *rom improp*r proxy ***in **n*lin* *urin* *lust*r r*qu*st r*pli**tion. K*y *un*tions i**nti*i** *r*: *. Proxi***ntiti*sUtils.**tProxi***ntiti*s - *ir**tly r*sponsi*l* *or p*rsin* *n* *onstru*tin* us*r i**ntity ***ins. T** s**u

7.5

Basic Information

Concerned about an active attack path?

CVE-2017-5635: Improper Authentication In Apache NiFi

7.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI