CVE-2020-1964 - OpenCVE

It was noticed that Apache Heron 0.20.2-incubating, Release 0.20.1-incubating, and Release v-0.20.0-incubating does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerabilities (CWE-502: Deserialization of Untrusted Data).

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Heron

Configuration 1 [-]

OR	cpe:2.3:a:apache:heron:0.20.0-incubating:::::::*
	cpe:2.3:a:apache:heron:0.20.1-incubating:-::::::
	cpe:2.3:a:apache:heron:0.20.2-incubating:::::::*

References

Link	Resource
https://lists.apache.org/thread.html/r16dd39f4180e4443ef4ca774a3a5a3d7ac69f91812c183ed2a99e959%40%3Cdev.heron.apache.org%3E	Mailing List Vendor Advisory
https://lists.apache.org/thread.html/rd43ae18588fd7bdb375be63bc95a651aab319ced6306759e1237ce67%40%3Cdev.ignite.apache.org%3E
https://lists.apache.org/thread.html/re7b43cf8333ee30b6589e465f72a6ed4a082222612d1a0fdd30beb94%40%3Cdev.ignite.apache.org%3E
https://lists.apache.org/thread.html/re7b43cf8333ee30b6589e465f72a6ed4a082222612d1a0fdd30beb94%40%3Cuser.ignite.apache.org%3E
https://lists.apache.org/thread.html/rf032a13a4711f88c0a2c0734eecbee1026cc1b6cde27d16a653f8755%40%3Cdev.ignite.apache.org%3E

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: apache

Published: 2020-04-16T16:21:05

Updated: 2020-06-15T20:06:09

Reserved: 2019-12-02T00:00:00

Link: CVE-2020-1964

JSON object: View

NVD Information

Status : Modified

Published: 2020-04-16T19:15:28.290

Modified: 2023-11-07T03:19:38.777

Link: CVE-2020-1964

JSON object: View

Redhat Information

No data.

CWE

CWE-502

{"containers": {"cna": {"affected": [{"product": "Apache Heron", "vendor": "n/a", "versions": [{"status": "affected", "version": "Apache Heron 0.20.2-incubating, Release 0.20.1-incubating, Release v-0.20.0-incubating"}]}], "descriptions": [{"lang": "en", "value": "It was noticed that Apache Heron 0.20.2-incubating, Release 0.20.1-incubating, and Release v-0.20.0-incubating does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerabilities (CWE-502: Deserialization of Untrusted Data)."}], "problemTypes": [{"descriptions": [{"description": "Information Disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-15T20:06:09", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://lists.apache.org/thread.html/r16dd39f4180e4443ef4ca774a3a5a3d7ac69f91812c183ed2a99e959%40%3Cdev.heron.apache.org%3E"}, {"name": "[ignite-dev] 20200605 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf032a13a4711f88c0a2c0734eecbee1026cc1b6cde27d16a653f8755%40%3Cdev.ignite.apache.org%3E"}, {"name": "[ignite-dev] 20200608 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rd43ae18588fd7bdb375be63bc95a651aab319ced6306759e1237ce67%40%3Cdev.ignite.apache.org%3E"}, {"name": "[ignite-dev] 20200615 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/re7b43cf8333ee30b6589e465f72a6ed4a082222612d1a0fdd30beb94%40%3Cdev.ignite.apache.org%3E"}, {"name": "[ignite-user] 20200615 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/re7b43cf8333ee30b6589e465f72a6ed4a082222612d1a0fdd30beb94%40%3Cuser.ignite.apache.org%3E"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2020-1964", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Heron", "version": {"version_data": [{"version_value": "Apache Heron 0.20.2-incubating, Release 0.20.1-incubating, Release v-0.20.0-incubating"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "It was noticed that Apache Heron 0.20.2-incubating, Release 0.20.1-incubating, and Release v-0.20.0-incubating does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerabilities (CWE-502: Deserialization of Untrusted Data)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information Disclosure"}]}]}, "references": {"reference_data": [{"name": "https://lists.apache.org/thread.html/r16dd39f4180e4443ef4ca774a3a5a3d7ac69f91812c183ed2a99e959%40%3Cdev.heron.apache.org%3E", "refsource": "MISC", "url": "https://lists.apache.org/thread.html/r16dd39f4180e4443ef4ca774a3a5a3d7ac69f91812c183ed2a99e959%40%3Cdev.heron.apache.org%3E"}, {"name": "[ignite-dev] 20200605 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf032a13a4711f88c0a2c0734eecbee1026cc1b6cde27d16a653f8755@%3Cdev.ignite.apache.org%3E"}, {"name": "[ignite-dev] 20200608 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd43ae18588fd7bdb375be63bc95a651aab319ced6306759e1237ce67@%3Cdev.ignite.apache.org%3E"}, {"name": "[ignite-dev] 20200615 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/re7b43cf8333ee30b6589e465f72a6ed4a082222612d1a0fdd30beb94@%3Cdev.ignite.apache.org%3E"}, {"name": "[ignite-user] 20200615 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/re7b43cf8333ee30b6589e465f72a6ed4a082222612d1a0fdd30beb94@%3Cuser.ignite.apache.org%3E"}]}}}}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2020-1964", "datePublished": "2020-04-16T16:21:05", "dateReserved": "2019-12-02T00:00:00", "dateUpdated": "2020-06-15T20:06:09", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:heron:0.20.0-incubating:*:*:*:*:*:*:*", "matchCriteriaId": "CBCEBB8F-DDB0-4BFA-8FE1-5D0672E82532", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:heron:0.20.1-incubating:-:*:*:*:*:*:*", "matchCriteriaId": "631CA75F-187C-43FB-9A5D-E1AD7E04F295", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:heron:0.20.2-incubating:*:*:*:*:*:*:*", "matchCriteriaId": "152346A1-5408-4A98-B5B6-2D59D713F83A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "It was noticed that Apache Heron 0.20.2-incubating, Release 0.20.1-incubating, and Release v-0.20.0-incubating does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerabilities (CWE-502: Deserialization of Untrusted Data)."}, {"lang": "es", "value": "Se observ\u00f3 que Apache Heron versi\u00f3n 0.20.2-incubating, Release 0.20.1-incubating y Release v-0.20.0-incubating, no configura su analizador YAML para impedir la creaci\u00f3n de instancias de tipos arbitrarios, resultando en vulnerabilidades de ejecuci\u00f3n de c\u00f3digo remota (CWE-502: Deserializaci\u00f3n de Datos No seguros)."}], "id": "CVE-2020-1964", "lastModified": "2023-11-07T03:19:38.777", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-16T19:15:28.290", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread.html/r16dd39f4180e4443ef4ca774a3a5a3d7ac69f91812c183ed2a99e959%40%3Cdev.heron.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rd43ae18588fd7bdb375be63bc95a651aab319ced6306759e1237ce67%40%3Cdev.ignite.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/re7b43cf8333ee30b6589e465f72a6ed4a082222612d1a0fdd30beb94%40%3Cdev.ignite.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/re7b43cf8333ee30b6589e465f72a6ed4a082222612d1a0fdd30beb94%40%3Cuser.ignite.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rf032a13a4711f88c0a2c0734eecbee1026cc1b6cde27d16a653f8755%40%3Cdev.ignite.apache.org%3E"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "nvd@nist.gov", "type": "Primary"}]}