CVE-2020-1956
In short
Apache Kylin exposes REST APIs that splice user-supplied strings directly into operating-system commands. An authenticated attacker who can reach those APIs can therefore run arbitrary commands on the server as the Kylin process, which amounts to full compromise of the host.
Technical detail
CWE-78 OS command injection in Apache Kylin REST APIs, affecting versions 2.3.0 through 2.6.5 and 3.0.0 through 3.0.1. Several endpoints build an operating-system command by concatenating a user-controlled string into the command line and hand the result to a shell with no validation or escaping, so shell metacharacters in the input are interpreted as command syntax. The CVSS vector (PR:L) indicates that a low-privileged, authenticated user is sufficient; such a user can inject arbitrary commands and obtain remote code execution with the privileges of the Kylin process. The references below include CISA's Known Exploited Vulnerabilities catalog entry for this CVE, so internet-facing Kylin instances in the affected range should be treated as actively targeted and patched or isolated promptly.
Summary generated and translated by AI from the official description.
Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1, have some RESTful APIs which will concatenate OS commands with the user input string; a user is likely to be able to execute any OS command without any protection or validation.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (base score 8.8, High)
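The following is an added illustration of the CWE-78 pattern described above and of its fix; it is not Apache Kylin's code and does not name Kylin's actual endpoint or parameter. It assumes a hypothetical "migrate project" handler that shells out to a CLI with the project name, using `echo` as a stand-in for the real tool so the example runs anywhere. It also includes a version-range check built only from the ranges the description above states (2.3.0 through 2.6.5 and 3.0.0 through 3.0.1).

```python
"""Illustrative CWE-78 pattern beside its hardened form (not Apache Kylin's code).

Constructed scenario: a REST handler "migrates" a project by shelling out to a
CLI and splices the caller-controlled project name into the command line.
"""
import re
import subprocess

# Assumption: a project name is a short identifier of letters, digits, underscores.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_]{1,64}$")


def validate_project_name(project_name: str) -> bool:
    """Allowlist check: True only if the name cannot carry shell syntax."""
    return SAFE_NAME.match(project_name) is not None


def run_migrate_vulnerable(project_name: str) -> str:
    """Vulnerable: user input is concatenated into a command string run by sh -c.

    A name such as 'demo; echo INJECTED' terminates the intended command and
    starts a second one chosen by the attacker.
    """
    cmd = "echo migrating project " + project_name   # string concatenation
    result = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return result.stdout


def run_migrate_hardened(project_name: str) -> str:
    """Hardened: reject anything outside the allowlist, then exec an argv list.

    With shell=False there is no shell to interpret metacharacters, and the
    allowlist keeps the downstream CLI from seeing surprising arguments either.
    """
    if not validate_project_name(project_name):
        raise ValueError(f"rejected project name: {project_name!r}")
    argv = ["echo", "migrating", "project", project_name]  # one argv element
    result = subprocess.run(argv, capture_output=True, text=True)
    return result.stdout


def is_affected_version(version: str) -> bool:
    """True if a Kylin version string falls in the ranges the advisory lists.

    Ranges come from the page's description: 2.3.0..2.6.5 and 3.0.0..3.0.1.
    Pre-release suffixes are ignored (assumption for simplicity).
    """
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    v = tuple(int(x) for x in m.groups())
    return (2, 3, 0) <= v <= (2, 6, 5) or (3, 0, 0) <= v <= (3, 0, 1)


if __name__ == "__main__":
    payload = "demo; echo INJECTED"              # constructed attacker input
    print("vulnerable:", run_migrate_vulnerable(payload))
    try:
        run_migrate_hardened(payload)
    except ValueError as exc:
        print("hardened:", exc)
    for ver in ("2.6.5", "3.0.1", "3.0.2"):
        print(ver, "affected" if is_affected_version(ver) else "not affected")
```

Running the script shows the vulnerable path printing the attacker's second command's output while the hardened path refuses the input before any process is spawned. The two defences are independent: even if the allowlist were loosened, the argv form never lets a shell parse the name, and even if a shell were unavoidable, the allowlist keeps metacharacters out.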
Affected products
Apache · Kylin
Public PoCs found: 1
GitHub: github.com/b510/CVE-2020-1956 (public resource; use it only to assess systems you control or are authorized to test)
References
https://community.sonarsource.com/t/apache-kylin-3-0-1-command-injection-vulnerability/25706
https://lists.apache.org/thread.html/r021baf9d8d4ae41e8c8332c167c4fa96c91b5086563d9be55d2d7acf%40%3Ccommits.kylin.apache.org%3E
https://lists.apache.org/thread.html/r1332ef34cf8e2c0589cf44ad269fb1fb4c06addec6297f0320f5111d%40%3Cuser.kylin.apache.org%3E
https://lists.apache.org/thread.html/r250a867961cfd6e0506240a9c7eaee782d84c6ab0091c7c4bc45f3eb%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/r250a867961cfd6e0506240a9c7eaee782d84c6ab0091c7c4bc45f3eb%40%3Cdev.kylin.apache.org%3E
https://lists.apache.org/thread.html/r250a867961cfd6e0506240a9c7eaee782d84c6ab0091c7c4bc45f3eb%40%3Cuser.kylin.apache.org%3E
https://lists.apache.org/thread.html/r61666760d8a4e8764b2d5fe158d8a48b569414480fbfadede574cdc0%40%3Ccommits.kylin.apache.org%3E
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1956
http://www.openwall.com/lists/oss-security/2020/07/14/1