CVE-2023-41916

6.5 MEDIUM

📋 TL;DR

Apache Linkis versions up to 1.4.0 have a vulnerability where attackers with authorized accounts can configure malicious MySQL JDBC parameters to trigger arbitrary file reading. This occurs due to insufficient parameter filtering in the DataSource Manager Module. Only authenticated attackers can exploit this vulnerability.

💻 Affected Systems

Products:
  • Apache Linkis
Versions: <= 1.4.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires attacker to have an authorized Linkis account. MySQL JDBC configuration functionality must be accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers with valid credentials could read sensitive system files, configuration files, or database credentials, potentially leading to further system compromise.

🟠 Likely Case

Authenticated malicious users or compromised accounts read sensitive configuration files or data from the server filesystem.

🟢 If Mitigated

With proper access controls and monitoring, impact is limited to authorized users who would already have some level of system access.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access. The vulnerability is in parameter handling for MySQL JDBC URLs.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.5.0

Vendor Advisory: https://lists.apache.org/thread/dxkpwyoxy1jpdwlpqp15zvo0jxn4v729

Restart Required: Yes

Instructions:

1. Back up current configuration and data.
2. Download Apache Linkis 1.5.0 from official sources.
3. Stop Linkis services.
4. Replace with version 1.5.0.
5. Restart Linkis services.
6. Verify functionality.

🔧 Temporary Workarounds

MySQL JDBC Parameter Blacklisting

all

Implement input validation to blacklist dangerous MySQL JDBC parameters at the application level.

Restrict DataSource Manager Access

all

Limit access to DataSource Manager Module to only trusted administrators.
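
A sketch of the parameter blacklisting workaround above, added here as an example; it is not Apache Linkis code or the 1.5.0 fix. The class name, the assumption that user-supplied parameters arrive as a "k=v&k2=v2" string, and the starting list of blocked MySQL Connector/J properties are choices made for this example.

```java
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.*;

public class MysqlJdbcParamFilter {  // hypothetical name, not a Linkis class
    // Connector/J properties that allow client-local file reads or object
    // deserialization. Compared lower-cased to be conservative about case.
    private static final Set<String> BLOCKED = new HashSet<>(Arrays.asList(
            "allowloadlocalinfile", "allowurlinlocalinfile",
            "allowloadlocalinfileinpath", "autodeserialize"));

    // Percent-decode until the text stops changing, so encoded and
    // double-encoded keys are checked in their final form. Fails closed.
    static String fullyDecode(String s) {
        try {
            for (int i = 0; i < 5; i++) {
                String next = URLDecoder.decode(s, "UTF-8");
                if (next.equals(s)) return s;
                s = next;
            }
        } catch (IllegalArgumentException | UnsupportedEncodingException e) {
            throw new IllegalArgumentException("malformed percent-encoding", e);
        }
        throw new IllegalArgumentException("too many encoding layers");
    }

    // Returns the blocked property names found; the key is rejected whatever
    // its value. Decoding before splitting also catches separators smuggled
    // inside a value.
    static List<String> findBlocked(String rawParams) {
        List<String> hits = new ArrayList<>();
        if (rawParams == null || rawParams.isEmpty()) return hits;
        for (String pair : fullyDecode(rawParams).split("[&?;,]")) {
            String key = pair.split("=", 2)[0].trim().toLowerCase(Locale.ROOT);
            if (BLOCKED.contains(key)) hits.add(key);
        }
        return hits;
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not taken from any real deployment.
        String[] samples = {
            "useSSL=true&characterEncoding=UTF-8", "useSSL=false&allowLoadLocalInfile=true",
            "%61llowUrlInLocalInfile=true", "x=1%2526autoDeserialize=true" };
        for (String s : samples) {
            List<String> hits = findBlocked(s);
            System.out.println((hits.isEmpty() ? "ACCEPT " : "REJECT ") + s + " " + hits);
        }
    }
}
```

A deny list only covers the properties it names; where the set of parameters users legitimately need is known, an allow list of permitted keys is the stricter form of the same check.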

🧯 If You Can't Patch

  • Implement strict access controls and monitor DataSource Manager Module usage
  • Deploy network segmentation to isolate Linkis instances from sensitive systems

🔍 How to Verify

Check if Vulnerable:

Check the Linkis version: if it is 1.4.0 or earlier, the system is vulnerable. Review whether the MySQL JDBC configuration functionality is accessible.

Check Version:

Check Linkis configuration files or admin interface for version information

Verify Fix Applied:

Verify Linkis version is 1.5.0 or higher. Test that malicious MySQL JDBC parameters are properly filtered.

📡 Detection & Monitoring

Log Indicators:

  • Unusual MySQL JDBC configuration attempts
  • Multiple failed authentication attempts followed by DataSource Manager access
  • File read operations from unexpected processes

Network Indicators:

  • Unusual outbound connections from Linkis servers
  • Traffic patterns suggesting file exfiltration

SIEM Query:

source="linkis.log" AND ("MySQL" OR "JDBC") AND ("parameter" OR "config") AND suspicious_patterns
