[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] [CVE-2020-1947] Apache ShardingSphere(incubator) deserialization vulnerability
From: Chen QingYang <chenqingyang () apache ! org>
Date: 2020-03-11 4:32:54
Message-ID: CAMNRR76nvdbR33WNWP-Rag0V7pFs-WFCLWv+=saSX0AsqgPC7w () mail ! gmail ! com
[Download RAW message or body]
CVE-2020-1947: Apache ShardingSphere(incubator) deserialization
vulnerability
Severity: low
Vendor:
The Apache Software Foundation
Versions Affected:
ShardingSphere 4.0.0-RC3, 4.0.0
Description:
Apache ShardingSphere's web console uses the SnakeYAML library for parsing
YAML inputs to load datasource configuration. SnakeYAML allows to unmarshal
data to a Java type By using the YAML tag. Unmarshalling untrusted data can
lead to security flaws of RCE.
Mitigation:
4.0.0-RC3 and 4.0.0 users should upgrade to 4.0.1
Example:
An attacker can use untrusted data to fill in the DataSource Config after
login the sharding-ui.
Credit:
This issue was discovered by WuXiong of QI`ANXIN YUNYING Labs.
References:
https://shardingsphere.apache.org/community/en/security/
Chen QingYang
Apache ShardingSphere
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic