Apache Flink Unauth RCE

Nash N Sulthan
Published on
16 Jun 2021

The Apache Flink is an open source stream processing framework for data streaming applications.The vulnerable Apache Flink Dashboard has the ability to upload malicious jar packages and trigger malicious code execution.Another reason of this attack is inappropriate Spring Boot Actuator configuration.The vulnerable mainly found in Apache Flink version 1.9.1 and its lower versions.

Mitigation / Precaution

  • In order to patch this vulnerability, please install the official patch Apache Flink made available for supported, vulnerable instances.
  • We recommend you to set up an IP whitelist to allow only trusted IP addresses to connect to the console, and enable access authentication.
  • We recommend you to use security authentication policies and add access control mechanisms in flink.
Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Nash N Sulthan
Nash N Sulthan
Cyber Security Lead Engineer
Find website security issues in a flash
Improve your website's security posture with proactive vulnerability detection.
Free website security assessment