Vulnerability identifier: #VU49273

Vulnerability risk: Medium

CVSSv3.1: 6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C]

CVE-ID: CVE-2020-17519

CWE-ID: CWE-200

Exploitation vector: Network

Exploits in database: 15

• June 22, 2022
  • CVE-2020-17519 () [Github]
• March 8, 2022
  • CVE-2020-17519 () [Github]
• November 11, 2021
  • apacheflink----POC (apache flink目录遍历(CVE-2020-17519)) [Github]
• June 17, 2021
  • Apache Flink 1.11.0 - Unauthenticated Arbitrary File Read (Metasploit) [Exploit-DB]
• May 9, 2021
  • Apache Flink JobManager Traversal [Metasploit]
• April 13, 2021
  • CVE-2020-17519 (CVE-2020-17519 Cheetah) [Github]
• February 25, 2021
  • westone-CVE-2020-17519-scanner (A vulnerability scanner that detects CVE-2020-17519 vulnerabilities.) [Github]
• January 18, 2021
  • Flink- (CVE-2020-17519; Apache Flink 任意文件读取; 批量检测) [Github]
  • CVE-2020-17519-Exp (CVE-2020-17519 EXP) [Github]
  • CVE-2020-17519-Apache-Flink (CVE-2020-17519; Apache Flink 任意文件读取; 批量检测) [Github]
• January 11, 2021
  • CVE-2020-17519 (CVE-2020-17519) [Github]
  • CVE-2020-17519 ([CVE-2020-17519] Apache Flink RESTful API Arbitrary File Read) [Github]
• January 6, 2021
  • CVE-2020-17519 () [Github]
  • CVE-2020-17519 (Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)) [Github]
  • apache-flink-directory-traversal.nse (Apache Flink Directory Traversal (CVE-2020-17519) Nmap NSE Script) [Github]

Impact: Information disclosure

Vulnerable software:
Flink
Server applications / Database software

Vendor: Apache Foundation