CVE-2022-44644 - OpenCVE

In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Linkis

Configuration 1 [-]

cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*

References

Link	Resource
https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h	Mailing List Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: apache

Published: 2023-01-31T09:40:52.676Z

Updated: 2023-03-15T08:36:52.828Z

Reserved: 2022-11-03T08:44:03.767Z

Link: CVE-2022-44644

JSON object: View

NVD Information

Status : Modified

Published: 2023-01-31T10:15:09.233

Modified: 2023-11-07T03:54:22.980

Link: CVE-2022-44644

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-44644", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2022-11-03T08:44:03.767Z", "datePublished": "2023-01-31T09:40:52.676Z", "dateUpdated": "2023-03-15T08:36:52.828Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache Linkis (incubating)", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "1.3.1", "status": "affected", "version": "0", "versionType": "maven"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Department of Cyber Security Research (Jumbo, Unc1e), Beijing Zhiqian Technology Co., LTD"}, {"lang": "en", "type": "reporter", "value": "s3gundo of Hundsun Tech "}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. <br><br><span style=\"background-color: rgb(255, 255, 255);\">We recommend users upgrade the version of Linkis to version 1.3.1</span><br>"}], "value": "In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.\u00a0\n\nWe recommend users upgrade the version of Linkis to version 1.3.1\n"}], "metrics": [{"other": {"content": {"text": "important"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-03-15T08:36:52.828Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache Linkis (incubating): The DatasourceManager module has a Local File Read Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", "matchCriteriaId": "470910AB-1B29-4C8C-9C03-FD4A3C233523", "versionEndIncluding": "1.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.\u00a0\n\nWe recommend users upgrade the version of Linkis to version 1.3.1\n"}, {"lang": "es", "value": "En Apache Linkis <=1.3.0, cuando se usa con MySQL Connector/J en el m\u00f3dulo de fuente de datos, un atacante autenticado podr\u00eda leer archivos locales arbitrarios conectando un servidor MySQL no autorizado, agregando enableLoadLocalInfile a verdadero en el par\u00e1metro JDBC. Por lo tanto, los par\u00e1metros en la URL de JDBC deben estar en la lista negra. Las versiones de Apache Linkis <=1.3.0 se ver\u00e1n afectadas. Recomendamos a los usuarios actualizar la versi\u00f3n de Linkis a la versi\u00f3n 1.3.1"}], "id": "CVE-2022-44644", "lastModified": "2023-11-07T03:54:22.980", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-01-31T10:15:09.233", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@apache.org", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Secondary"}]}