Apache NiFi Authentication security vulnerabilities (CVE-2019-12421) - Code World

Apache NiFi Authentication security vulnerabilities (CVE-2019-12421)

News 2019-11-23 22:28:16 views: null

Apache NiFi Authentication security vulnerabilities (CVE-2019-12421)

Release Date: 2019-11-18
Updated: 2019-11-22

Affected Systems:

Apache Group NiFi 1.0.0 - 1.9.2

description:

CVE (CAN) ID: CVE-2019-12421

the Apache NiFi is a software project of the Apache Software Foundation, is designed to automate the flow of data between software systems. The system for routing of data conversion systems, and mediation logic.

Apache NiFi 1.0.0 version to version 1.9.2, a security vulnerability in the authentication mechanism, the vulnerability stems from when the user logs off, NiFi client authentication token failure, rather than the token server failure. An attacker could exploit the vulnerability by sending a request to the API NiFi.

<* Source: Abdu Sahin
*>

suggestions:

Manufacturers patch:

the Apache Group
------------
Current vendors have released an updated patch to fix the security issue, please go to the manufacturer's home page to download:

https://nifi.apache.org/security.html # CVE-2019-12421

Guess you like

Origin www.linuxidc.com/Linux/2019-11/161500.htm

Apache NiFi Authentication security vulnerabilities (CVE-2019-12421)

[Network Security --- web server parsing vulnerabilities] Common parsing vulnerabilities in IIS, Apache, and Nginx middleware

Apache Nifi Technology Insider

Apache Nifi Technology Insider

Apache NiFi Processor in action

Apache NiFi Custom Processor

docker install Apache NIFI

Nacos 1.4.1 is released, fixing the security vulnerabilities that specify special UAs that can bypass all authentication

CVE-2020-1938 Apache Tomcat AJP File Inclusion Vulnerabilities

[Top] Apache Nifi Technology Insider

Parsing vulnerabilities in Apache and Nginx

Summary of web security vulnerabilities

Web Security: Middleware Vulnerabilities

Google released in October 2019 Android security patches fix 28 vulnerabilities

Security Tip: Beware of Ransomware Vulnerabilities and CPU Vulnerabilities

Common web security vulnerabilities_web vulnerabilities

아파치 NiFi 인증 보안 취약점 (CVE-2019-12421)

Apache ShenYu JWT Authentication Vulnerability (CVE-2021-37580)

Spring Security has an authentication bypass vulnerability CVE-2021-22096

Spring Security authentication bypass vulnerability CVE-2023-34035

Database security: MySQL authentication vulnerability (CVE-2012-2122)

NIFI Apache nifi The second (white first test) nifi data docking process first attempt

Linux solutions for common security vulnerabilities

The file contains a Web security vulnerabilities

owaps Ten security risk vulnerabilities

General approach Fortify security vulnerabilities

web-related security vulnerabilities

OpenCV there are two serious security vulnerabilities

The 4 Worst Security Vulnerabilities Today

Common Security Vulnerabilities and Governance Methods

Recommended

Ranking

iframe let subpages parent page jump parent.location.href

Android Studio connects to Tomcat server in Springboot Failed to connect to XXX

Introduction to the use of Axure components, login interface and drawing of personal resume

Unreal Engine UE problem collection (continuously added)

day72 importlib module

IntelliJ ideaIC / ideaIU download and activation crack

Typescript 静态属性&方法多态抽象类

TestNg use annotations

FiscoBcos uses Go to call contracts

Binary-thirds Find

Daily

More

2024-07-30(0)

2024-07-29(0)

2024-07-28(0)

2024-07-27(0)

2024-07-26(0)

2024-07-25(0)

2024-07-24(0)

2024-07-23(0)

2024-07-22(0)

2024-07-21(0)