Login Sign Up

CVE-2024-45627

5.9 MEDIUM

📋 TL;DR

This vulnerability in Apache Linkis allows authenticated attackers to read arbitrary files from the server by injecting malicious MySQL JDBC parameters. It affects Apache Linkis versions before 1.7.0. Attackers need valid credentials to exploit this vulnerability.

💻 Affected Systems

Products:
  • Apache Linkis
Versions: All versions < 1.7.0
Operating Systems: All operating systems running Apache Linkis
Default Config Vulnerable: ⚠️ Yes
Notes: Requires attacker to have authorized account access to Linkis DataSource Manager Module

📦 What is this software?

Linkis by Apache

View all CVEs affecting Linkis →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Sensitive server files including configuration files, credentials, and system files could be exfiltrated, potentially leading to full system compromise.

🟠

Likely Case

Attackers with legitimate access could read configuration files containing database credentials, API keys, or other sensitive information stored on the Linkis server.

🟢

If Mitigated

With proper access controls and monitoring, impact would be limited to files accessible by the Linkis service account.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but is technically simple once credentials are obtained

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.7.0

Vendor Advisory: https://lists.apache.org/thread/0zzx8lldwoqgzq98mg61hojgpvn76xsh

Restart Required: Yes

Instructions:

1. Download Apache Linkis 1.7.0 or later from official Apache repository. 2. Stop Linkis services. 3. Backup current configuration. 4. Deploy new version. 5. Restart Linkis services.

🔧 Temporary Workarounds

MySQL JDBC Parameter Filtering

all

Implement input validation to filter or block malicious MySQL JDBC parameters in DataSource Manager Module

Access Restriction

all

Restrict DataSource Manager Module access to only trusted users who require MySQL database connectivity

🧯 If You Can't Patch

  • Implement strict access controls and monitoring for DataSource Manager Module operations
  • Apply network segmentation to isolate Linkis servers from sensitive file storage

🔍 How to Verify

Check if Vulnerable:

Check Linkis version using administrative interface or configuration files

Check Version:

Check linkis.properties or Linkis web interface for version information

Verify Fix Applied:

Verify Linkis version is 1.7.0 or higher and test MySQL JDBC parameter injection attempts are blocked

📡 Detection & Monitoring

Log Indicators:

  • Unusual MySQL JDBC connection attempts with suspicious parameters
  • Multiple file read operations from unexpected locations

Network Indicators:

  • Unexpected outbound file transfers from Linkis servers

SIEM Query:

source="linkis" AND (jdbc OR mysql) AND (parameter OR config) AND (read OR file)

📊 Metadata

CVE ID: CVE-2024-45627
CVSS v3 Score: 5.9 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-552
EPSS Score: 0.08% exploit probability (22.6th percentile)
Published: January 14, 2025
Last Updated: May 13, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-45627, you might also want to check these:

CVE-2025-41240 10.0

This critical vulnerability allows unauthenticated remote attackers to access Kubernetes secrets via...

Same vulnerability type (CWE-552)
CVE-2024-56731 10.0

This vulnerability allows unprivileged users in Gogs to delete files in the .git directory, leading ...

Same vulnerability type (CWE-552)
CVE-2024-6209 10.0

This vulnerability allows attackers to access files without authorization in ABB ASPECT-Enterprise, ...

Same vulnerability type (CWE-552)