← back
CVE-2020-1942

CVE-2020-1942

EPSS 3.4%
In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the cluster flow was not inheritable, the flow fingerprint of both the cluster and local flow was printed, potentially containing sensitive values in plaintext.
Affected products
n/a · Apache NiFi

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://nifi.apache.org/security.html#CVE-2020-1942