Apache Flink Unauthorized Access Vulnerability
Vulnerability Description
The Apache Flink Dashboard has no user authentication by default. An attacker can directly upload a trojan jar package through the unauthorized Flink Dashboard console and remotely execute any system command to obtain server privileges.
Environment setup
Test version: flink-1.15.1
Modify flink-1.15.1/conf/flink-conf.yaml
,open 8081 port.
Start Flink:
Vulnerability Exploitation
Access the web page.
Use msfvenom to generate rce.jar:
Configure msf listening:
Upload the rec.jar
file at Submit New Job, click submit.
Successful get shell.
PreviousActiveMQ Unauthorized Access VulnerabilityNextAtlassian Crowd Unauthorized Access Vulnerability
Last updated