Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create CVE-2024-56512.yaml #11455

Merged
merged 3 commits into from
Jan 8, 2025
Merged

Create CVE-2024-56512.yaml #11455

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
afa0aa9
Create CVE-2024-56512.yaml
DhiyaneshGeek Jan 7, 2025
f607b41
fix-trail-space
DhiyaneshGeek Jan 7, 2025
7d1d15b
Update CVE-2024-56512.yaml
ritikchaddha Jan 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 50 additions & 0 deletions http/cves/2024/CVE-2024-56512.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
id: CVE-2024-56512

info:
name: Apache NiFi - Information Disclosure
author: DhiyaneshDK
severity: medium
description: |
Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process Groups. Creating a new Process Group can include binding to a Parameter Context, but in cases where the Process Group did not reference any Parameter values, the framework did not check user authorization for the bound Parameter Context. Missing authorization for a bound Parameter Context enabled clients to download non-sensitive Parameter values after creating the Process Group.
reference:
- https://lists.apache.org/thread/cjc8fns5kjsho0s7vonlnojokyfx47wn
- http://www.openwall.com/lists/oss-security/2024/12/28/1
- https://github.com/absholi7ly/CVE-2024-56512-Apache-NiFi-Exploit/
- https://nvd.nist.gov/vuln/detail/CVE-2024-56512
classification:
cve-id: CVE-2024-56512
epss-score: 0.00043
epss-percentile: 0.11049
metadata:
verified: true
max-request: 1
shodan-query: title:"Nifi"
tags: cve,cve2024,nifi,exposure

http:
- method: GET
path:
- "{{BaseURL}}{{path}}"

payloads:
path:
- /nifi-api/flow/process-groups/root
- /nifi-api/controller/config

matchers-condition: or
matchers:
- type: dsl
name: process-group-information
dsl:
- 'contains(content_type, "application/json")'
- 'contains_all(body, "processGroupFlow", "breadcrumb")'
- 'status_code == 200'
condition: and

- type: dsl
name: config-information
dsl:
- 'contains(content_type, "application/json")'
- 'contains_all(body, "maxTimerDrivenThreadCount", "maxEventDrivenThreadCount")'
- 'status_code == 200'
condition: and
Loading