Ongoing attacks leveraging an improper access control flaw in open source framework Apache Flink, tracked as CVE-2020-17519, have prompted the security issue's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the bug by June 13, according to The Hacker News.
Intrusions leveraging the flaw, which affects Flink versions 1.11.0, 1.11.1, and 1.11.2, could facilitate the reading of any file on the JobManager's local filesystem, as well as unauthorized data access through directory traversal requests.
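Directory traversal of the kind described above is usually visible in web-front-end access logs as request paths containing `..` segments, often percent-encoded (sometimes twice) to slip past naive filters. The following added example, which is not code from the article or from the Apache Flink project, shows how a defender can normalise request paths by decoding them until they stop changing and then flag traversal sequences; the log format and all sample lines are constructed, and the path patterns are generic rather than Flink-specific.

```python
"""
Flag directory-traversal attempts in web access logs (e.g. those of a
JobManager's REST/web front end) by fully percent-decoding request paths.
Added example: the log line format and the sample lines are constructed.
"""
import re
from urllib.parse import unquote

# Constructed sample lines in an assumed format: ip "METHOD path" status
SAMPLE_LOG = """\
10.0.0.5 "GET /overview" 200
10.0.0.5 "GET /jobs" 200
203.0.113.9 "GET /api/..%2f..%2f..%2fetc/passwd" 200
203.0.113.9 "GET /api/..%252f..%252fetc/shadow" 200
198.51.100.7 "GET /files/report..pdf" 200
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) "(?P<method>[A-Z]+) (?P<path>\S+)" (?P<status>\d{3})$'
)
# A ".." path segment bounded by a separator (or start/end of the path).
TRAVERSAL_RE = re.compile(r'(^|/)\.\.(/|$)')


def fully_decode(path: str, max_rounds: int = 5) -> str:
    """Percent-decode repeatedly until the value is stable, so that
    double-encoded sequences such as %252f (-> %2f -> /) are exposed.
    max_rounds bounds the work for pathological inputs."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def is_traversal(path: str) -> bool:
    """True if the decoded path contains a '..' directory segment.
    Backslashes are folded to '/' since some servers treat both as separators."""
    decoded = fully_decode(path).replace("\\", "/")
    return bool(TRAVERSAL_RE.search(decoded))


def scan_log(text: str) -> list:
    """Return (ip, raw_path, decoded_path) for each suspicious request."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not match the assumed format
        if is_traversal(m["path"]):
            findings.append((m["ip"], m["path"], fully_decode(m["path"])))
    return findings


if __name__ == "__main__":
    for ip, raw, decoded in scan_log(SAMPLE_LOG):
        print(f"traversal attempt from {ip}: {raw!r} -> {decoded!r}")
```

Note that a `200` status on a flagged request is the case worth escalating: it indicates the server may have served the requested file rather than rejecting the path. The `report..pdf` line is a deliberate benign case; the detector requires `..` to be a whole path segment, which keeps ordinary filenames from producing false positives.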
No details regarding the attacks exploiting the flaw have been provided, but Palo Alto Networks Unit 42 previously reported that threat actors had been extensively leveraging the flaw from November 2020 to January 2021.
"Several newly observed exploits, including CVE-2020-28188, CVE-2020-17519, and CVE-2020-29227, have emerged and were continuously being exploited in the wild as of late 2020 to early 2021," said Unit 42 researchers then.