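Related vulnerability
Title: Apache NiFi code issue vulnerability (CVE-2023-34212)
Description: Apache NiFi is a data processing and distribution system from the Apache Software Foundation (US). It is mainly used for data routing, transformation, and system mediation logic. Apache NiFi versions 1.8.0 through 1.21.0 contain a code issue vulnerability that stems from allowing authenticated and authorized users to configure URL and library properties, which enables deserialization of untrusted data from a remote location.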
Description
CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi
Introduction
# CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi
The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 through 1.21.0 allows an authenticated and authorized user to configure URL and library properties that enable deserialization of untrusted data from a remote location.
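For defenders, the description above translates into a configuration audit: find every JndiJmsConnectionFactoryProvider service in a flow definition, check whether its bundle version falls in the affected range, and check its URL and library properties against an allowlist. The following is an added example, not code from this repository or from Apache NiFi; the JSON layout (`rootGroup`, `processGroups`, `controllerServices`, `bundle.version`), the two property keys, and the allowlist are assumptions to adapt to your deployment.

```python
from urllib.parse import urlsplit

# From the advisory text: component name and affected version range.
JNDI_SERVICE = "JndiJmsConnectionFactoryProvider"
AFFECTED = ((1, 8, 0), (1, 21, 0))
# Assumptions: property keys and a hypothetical operator allowlist per key.
ALLOWED = {
    "java.naming.provider.url": {"tcp", "ssl", "vm"},
    "naming.factory.libraries": {"", "file"},  # local paths only
}

def parse_version(text):  # '1.21.0-SNAPSHOT' -> (1, 21, 0)
    core = text.split("-")[0].split(".")
    return tuple(int(p) for p in (core + ["0", "0"])[:3])

def walk_services(group):  # controller services of a group and nested groups
    yield from group.get("controllerServices", [])
    for child in group.get("processGroups", []):
        yield from walk_services(child)

def audit(flow):
    findings = []
    for svc in walk_services(flow.get("rootGroup", {})):
        if not svc.get("type", "").endswith(JNDI_SERVICE):
            continue
        reasons = []
        version = parse_version(svc.get("bundle", {}).get("version", "0"))
        if AFFECTED[0] <= version <= AFFECTED[1]:
            reasons.append("bundle version in affected range")
        for key, schemes in ALLOWED.items():
            for value in (svc.get("properties", {}).get(key) or "").split(","):
                scheme = urlsplit(value.strip()).scheme.lower()
                if value.strip() and scheme not in schemes:
                    reasons.append(f"{key}: scheme '{scheme}' not allowed")
        if reasons:
            findings.append((svc.get("name", "?"), reasons))
    return findings

# Constructed sample flow definition (not taken from any real deployment).
_TYPE = "org.apache.nifi.jms.cf.JndiJmsConnectionFactoryProvider"
SAMPLE_FLOW = {"rootGroup": {"processGroups": [{"controllerServices": [
    {"name": "jms-legacy", "type": _TYPE, "bundle": {"version": "1.20.0"},
     "properties": {"java.naming.provider.url": "tcp://broker.internal.example:61616",
                    "naming.factory.libraries": "http://files.example.net/client.jar"}},
    {"name": "jms-current", "type": _TYPE, "bundle": {"version": "1.25.0"},
     "properties": {"java.naming.provider.url": "ssl://broker.internal.example:61617",
                    "naming.factory.libraries": "/opt/nifi/lib/client.jar"}},
]}]}}
print(audit(SAMPLE_FLOW))
```

Only `jms-legacy` is reported, once for its bundle version and once for the library property that points at a remote location.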
### Vendor Disclosure:
The vendor's disclosure and fix for this vulnerability can be found [here](https://nifi.apache.org/security.html#CVE-2023-34212).
### Requirements:
This vulnerability requires:
- Valid user credentials
### Proof Of Concept:
More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2023-34212/blob/main/Apache%20NiFi%20-%20CVE-2023-34212.pdf).
### Additional Resources:
Kudos to [Veraxy00 of Qianxin TI Center](https://github.com/Veraxy00) for discovering and reporting the vulnerability in the same time period as me.
[CVE-2023-40037: Incomplete Validation of JDBC and JNDI Connection URLs in Apache NiFi](https://github.com/mbadanoiu/CVE-2023-40037) can be used to bypass security measures implemented for CVE-2023-34212 resulting in RCE for versions of Apache NiFi <= 1.23.0.
File snapshot
[4.0K] /data/pocs/f260b3e483323daa60ea7a4bbf1ce47861d9a48d
├── [2.2M] Apache NiFi - CVE-2023-34212.pdf
└── [1.2K] README.md
0 directories, 2 files