What is CVE-2018-17195?

CVE-2018-17195 is a vulnerability that allows a CSRF attack on the template upload API endpoint in Apache NiFi.

What is the severity of CVE-2018-17195?

CVE-2018-17195 is considered to be a high severity vulnerability with a severity value of 7.5.

What software is affected by CVE-2018-17195?

The Apache NiFi software version 1.0.0 to 1.7.1 is affected by CVE-2018-17195.

How can CVE-2018-17195 be exploited?

CVE-2018-17195 can be exploited by performing an ARP spoofing and man-in-the-middle attack, along with client certificate authentication and same subnet access.

Where can I find more information about CVE-2018-17195?

You can find more information about CVE-2018-17195 at the official Apache NiFi security page: https://nifi.apache.org/security.html#CVE-2018-17195

Vulnerability/
CVE-2018-17195

high

7.5

CWE

319 863 352

19/12/2018

20/12/2018

5/8/2024

CVE-2018-17195: CSRF

First published: Wed Dec 19 2018(Updated: )

The template upload API endpoint accepted requests from different domain when sent in conjunction with ARP spoofing + man in the middle (MiTM) attack, resulting in a CSRF attack. The required attack vector is complex, requiring a scenario with client certificate authentication, same subnet access, and injecting malicious code into an unprotected (plaintext HTTP) website which the targeted user later visits, but the possible damage warranted a Severe severity level. Mitigation: The fix to apply Cross-Origin Resource Sharing (CORS) policy request filtering was applied on the Apache NiFi 1.8.0 release. Users running a prior 1.x release should upgrade to the appropriate release.

Credit: security@apache.org security@apache.org

Affected Software	Affected Version	How to fix
Apache NiFi	>=1.0.0<=1.7.1
maven/org.apache.nifi:nifi	>=1.0.0<=1.7.1	1.8.0
	>=1.0.0<=1.7.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-17195?
CVE-2018-17195 is a vulnerability that allows a CSRF attack on the template upload API endpoint in Apache NiFi.
What is the severity of CVE-2018-17195?
CVE-2018-17195 is considered to be a high severity vulnerability with a severity value of 7.5.
What software is affected by CVE-2018-17195?
The Apache NiFi software version 1.0.0 to 1.7.1 is affected by CVE-2018-17195.
How can CVE-2018-17195 be exploited?
CVE-2018-17195 can be exploited by performing an ARP spoofing and man-in-the-middle attack, along with client certificate authentication and same subnet access.
Where can I find more information about CVE-2018-17195?
You can find more information about CVE-2018-17195 at the official Apache NiFi security page: https://nifi.apache.org/security.html#CVE-2018-17195

agent/type
collector/github-advisory-latest
source/GitHub
alias/GHSA-3jq8-jg75-rqv6
alias/CVE-2018-17195
agent/software-canonical-lookup
agent/weakness
agent/severity
agent/references
agent/description
agent/author
agent/softwarecombine
collector/github-advisory
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/trending
agent/source
agent/tags
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-index
package-manager/maven
vendor/apache
canonical/apache nifi
version/apache nifi/1.0.0
version/apache nifi/1.7.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.