Vulnerability: Apache Flink 1.5.1 - Local File Inclusion

Apache Flink 1.5.1 is vulnerable to local file inclusion because of a REST handler that allows file uploads to an arbitrary location on the local file system through a maliciously modified HTTP HEADER.

Impact

An attacker can exploit this vulnerability to access sensitive information, such as configuration files, credentials, or other sensitive data stored on the server.

Severity

high

Verified

Unknown