The Apache Flink is an open source stream processing framework for data streaming applications.The vulnerable Apache Flink Dashboard has the ability to upload malicious jar packages and trigger malicious code execution.Another reason of this attack is inappropriate Spring Boot Actuator configuration.The vulnerable mainly found in Apache Flink version 1.9.1 and its lower versions.
Mitigation / Precaution
- In order to patch this vulnerability, please install the official patch Apache Flink made available for supported, vulnerable instances.
- We recommend you to set up an IP whitelist to allow only trusted IP addresses to connect to the console, and enable access authentication.
- We recommend you to use security authentication policies and add access control mechanisms in flink.