medium
6.5
CWE
74
Advisory Published
Updated

CVE-2020-1958

First published: Wed Apr 01 2020(Updated: )

When LDAP authentication is enabled in Apache Druid 0.17.0, callers of Druid APIs with a valid set of LDAP credentials can bypass the credentialsValidator.userSearch filter barrier that determines if a valid LDAP user is allowed to authenticate with Druid. They are still subject to role-based authorization checks, if configured. Callers of Druid APIs can also retrieve any LDAP attribute values of users that exist on the LDAP server, so long as that information is visible to the Druid server. This information disclosure does not require the caller itself to be a valid LDAP user.

Credit: security@apache.org

Affected SoftwareAffected VersionHow to fix
Apache Druid=0.17.0

Remedy

https://lists.apache.org/thread.html/r1526dbce98a138629a41daa06c13393146ddcaf8f9d273cc49d57681@%3Ccommits.druid.apache.org%3E

Remedy

https://lists.apache.org/thread.html/r1c32c95543d44559b8d7fd89b0a85f728c80e8b715685bbf788a15a4@%3Ccommits.druid.apache.org%3E

Remedy

https://lists.apache.org/thread.html/r47c90a378efdb3fd07ff7f74095b8eb63b3ca93b8ada5c2661c5e371@%3Ccommits.druid.apache.org%3E

Remedy

https://lists.apache.org/thread.html/rffabc9e83cc2831bbee5db32b3965b84b09346a26ebc1012db63d28c@%3Ccommits.druid.apache.org%3E

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2020-1958?

    CVE-2020-1958 is a vulnerability in Apache Druid 0.17.0 that allows callers with valid LDAP credentials to bypass the credentialsValidator.userSearch filter barrier.

  • How does LDAP authentication work in Apache Druid 0.17.0?

    LDAP authentication in Apache Druid 0.17.0 allows users to authenticate with the system using their LDAP credentials.

  • What is the impact of CVE-2020-1958?

    The impact of CVE-2020-1958 is that users with valid LDAP credentials can bypass the authentication filter and potentially gain unauthorized access to Druid APIs.

  • How can I check if my Apache Druid version is affected?

    You can check if your Apache Druid version is affected by CVE-2020-1958 by verifying if you are running version 0.17.0.

  • How do I mitigate CVE-2020-1958?

    To mitigate CVE-2020-1958, it is recommended to upgrade to a patched version of Apache Druid that addresses this vulnerability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203