4.7

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-1960

GHSA ID

GHSA-6g88-99wj-8mgg

EPSS Score

0.21852%

CWE

CWE-74

Published

5/21/2021

Updated

2/1/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-1960

CVE-2020-1960: Command injection in Apache Flink

A vulnerability in Apache Flink where, when running a process with an enabled JMXReporter, with a port configured via metrics.reporter.reporter_name>.port, an attacker with local access to the machine and JMX port can execute a man-in-the-middle attack using a specially crafted request to rebind the JMXRMI registry to one under the attacker's control. This compromises any connection established to the process via JMX, allowing extraction of credentials and any other transferred data.

(GitHub Advisory)

4.7

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-1960

GHSA ID

GHSA-6g88-99wj-8mgg

EPSS Score

0.21852%

CWE

CWE-74

Published

5/21/2021

Updated

2/1/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.flink:flink-core	maven	< 1.9.2	1.9.3
org.apache.flink:flink-core	maven	= 1.10.0	1.10.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability is associated with the JMXReporter in Apache Flink. The JMXReporter's handling of the JMXRMI registry is the key area of concern. Functions related to starting or configuring the JMX registry are likely to be relevant. The exact function names may vary based on the specific implementation details in the Flink codebase.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* vuln*r**ility in *p**** *link w**r*, w**n runnin* * pro**ss wit* *n *n**l** JMXR*port*r, wit* * port *on*i*ur** vi* m*tri*s.r*port*r.r*port*r_n*m*>.port, *n *tt**k*r wit* lo**l ****ss to t** m***in* *n* JMX port **n *x**ut* * m*n-in-t**-mi**l* *tt*

Reasoning

T** vuln*r**ility is *sso*i*t** wit* t** `JMXR*port*r` in *p**** *link. T** `JMXR*port*r's` **n*lin* o* t** `JMXRMI` r**istry is t** k*y *r** o* *on**rn. *un*tions r*l*t** to st*rtin* or *on*i*urin* t** `JMX` r**istry *r* lik*ly to ** r*l*v*nt. T** *

4.7

Basic Information

Concerned about an active attack path?

CVE-2020-1960: Command injection in Apache Flink

4.7

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI