Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-2xcr-p767-f3rv

Опубликовано: 20 мар. 2025
Источник: github
Github: Прошло ревью
CVSS4: 5.8
CVSS3: 5.4

Описание

Apache Druid vulnerable to Server-Side Request Forgery, Cross-site Scripting, Open Redirect

Severity: medium (5.8) / important

Server-Side Request Forgery (SSRF), Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Druid.

This issue affects all previous Druid versions.

When using the Druid management proxy, a request that has a specially crafted URL could be used to redirect the request to an arbitrary server instead. This has the potential for XSS or XSRF. The user is required to be authenticated for this exploit. The management proxy is enabled in Druid's out-of-box configuration. It may be disabled to mitigate this vulnerability. If the management proxy is disabled, some web console features will not work properly, but core functionality is unaffected.

Users are recommended to upgrade to Druid 31.0.2 or Druid 32.0.1, which fixes the issue.

Ссылки

Пакеты

Наименование

org.apache.druid:druid

maven
Затронутые версииВерсия исправления

< 31.0.2

31.0.2

Наименование

org.apache.druid:druid

maven
Затронутые версииВерсия исправления

= 32.0.0

32.0.1

EPSS

Процентиль: 22%
0.0007
Низкий

5.8 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

CVE-2025-27888

Дефекты

CWE-601
CWE-79
CWE-918

Связанные уязвимости

nvd логотип

CVE-2025-27888

CVSS3: 5.4
nvd
5 месяцев назад

Severity: medium (5.8) / important Server-Side Request Forgery (SSRF), Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Druid. This issue affects all previous Druid versions. When using the Druid management proxy, a request that has a specially crafted URL could be used to redirect the request to an arbitrary server instead. This has the potential for XSS or XSRF. The user is required to be authenticated for this exploit. The management proxy is enabled in Druid's out-of-box configuration. It may be disabled to mitigate this vulnerability. If the management proxy is disabled, some web console features will not work properly, but core functionality is unaffected. Users are recommended to upgrade to Druid 31.0.2 or Druid 32.0.1, which fixes the issue.

debian логотип

CVE-2025-27888

CVSS3: 5.4
debian
5 месяцев назад

Severity: medium (5.8) / important Server-Side Request Forgery (SSRF) ...

fstec логотип

BDU:2025-07571

CVSS3: 6.3
fstec
5 месяцев назад

Уязвимость аналитической базы данных Apache Druid, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес, провести атаку межсайтового скриптинга (XSS) или осуществить SSRF-атаку

EPSS

Процентиль: 22%
0.0007
Низкий

5.8 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

CVE-2025-27888

Дефекты

CWE-601
CWE-79
CWE-918