{"api_version":"1","generated_at":"2026-07-13T21:51:20+00:00","cve":"CVE-2020-1960","urls":{"html":"https://cve.report/CVE-2020-1960","api":"https://cve.report/api/cve/CVE-2020-1960.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-1960","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-1960"},"summary":{"title":"CVE-2020-1960","description":"A vulnerability in Apache Flink (1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 to 1.3.3, 1.4.0 to 1.4.2, 1.5.0 to 1.5.6, 1.6.0 to 1.6.4, 1.7.0 to 1.7.2, 1.8.0 to 1.8.3, 1.9.0 to 1.9.2, 1.10.0) where, when running a process with an enabled JMXReporter, with a port configured via metrics.reporter.reporter_name>.port, an attacker with local access to the machine and JMX port can execute a man-in-the-middle attack using a specially crafted request to rebind the JMXRMI registry to one under the attacker's control. This compromises any connection established to the process via JMX, allowing extraction of credentials and any other transferred data.","state":"PUBLIC","assigner":"security@apache.org","published_at":"2020-05-14 17:15:00","updated_at":"2023-11-07 03:19:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://lists.apache.org/thread.html/r28f17e564950d663e68cc6fe75756012dda62ac623766bb9bc5e7034@%3Cissues.flink.apache.org%3E","name":"[flink-issues] 20210106 [GitHub] [flink-web] zentol commented on a change in pull request #408: Add security page for Flink","refsource":"MLIST","tags":["Mailing List","Patch","Vendor Advisory"],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d@%3Cuser-zh.flink.apache.org%3E","name":"https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d@%3Cuser-zh.flink.apache.org%3E","refsource":"MISC","tags":["Mailing List","Vendor Advisory"],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/r23e559dee1e69741557b5fe431846de1f1a5981356d0ddb9482df88a%40%3Cdev.flink.apache.org%3E","name":"https://lists.apache.org/thread.html/r23e559dee1e69741557b5fe431846de1f1a5981356d0ddb9482df88a%40%3Cdev.flink.apache.org%3E","refsource":"MISC","tags":["Mailing List","Patch","Vendor Advisory"],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://lists.apache.org/thread.html/r663cf0d5c386bba2f562d45ad484d786151a84f0b95e45e2b0fb8e50%40%3Cissues.flink.apache.org%3E","name":"[flink-issues] 20210107 [GitHub] [flink-web] rmetzger commented on a change in pull request #408: Add security page for Flink","refsource":"","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/r28f17e564950d663e68cc6fe75756012dda62ac623766bb9bc5e7034%40%3Cissues.flink.apache.org%3E","name":"[flink-issues] 20210106 [GitHub] [flink-web] zentol commented on a change in pull request #408: Add security page for Flink","refsource":"","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d%40%3Cuser-zh.flink.apache.org%3E","name":"https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d%40%3Cuser-zh.flink.apache.org%3E","refsource":"","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/r663cf0d5c386bba2f562d45ad484d786151a84f0b95e45e2b0fb8e50@%3Cissues.flink.apache.org%3E","name":"[flink-issues] 20210107 [GitHub] [flink-web] rmetzger commented on a change in pull request #408: Add security page for Flink","refsource":"MLIST","tags":["Exploit","Mailing List","Vendor Advisory"],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-1960","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1960","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2020","cve_id":"1960","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"flink","cpe6":"1.10.0","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1960","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"flink","cpe6":"1.10.0","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1960","vulnerable":"1","versionEndIncluding":"1.1.5","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"flink","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1960","vulnerable":"1","versionEndIncluding":"1.2.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"flink","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1960","vulnerable":"1","versionEndIncluding":"1.3.3","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"flink","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1960","vulnerable":"1","versionEndIncluding":"1.4.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"flink","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1960","vulnerable":"1","versionEndIncluding":"1.5.6","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"flink","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1960","vulnerable":"1","versionEndIncluding":"1.6.4","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"flink","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1960","vulnerable":"1","versionEndIncluding":"1.7.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"flink","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1960","vulnerable":"1","versionEndIncluding":"1.8.3","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"flink","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1960","vulnerable":"1","versionEndIncluding":"1.9.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"flink","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2020-1960","qid":"982412","title":"Java (maven) Security Update for org.apache.flink:flink-core (GHSA-6g88-99wj-8mgg)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2020-1960","ASSIGNER":"security@apache.org","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"Apache Flink","version":{"version_data":[{"version_value":"Apache Flink 1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 to 1.3.3, 1.4.0 to 1.4.2, 1.5.0 to 1.5.6, 1.6.0 to 1.6.4, 1.7.0 to 1.7.2, 1.8.0 to 1.8.3, 1.9.0 to 1.9.2, 1.10.0"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Information Disclosure"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://lists.apache.org/thread.html/r23e559dee1e69741557b5fe431846de1f1a5981356d0ddb9482df88a%40%3Cdev.flink.apache.org%3E","url":"https://lists.apache.org/thread.html/r23e559dee1e69741557b5fe431846de1f1a5981356d0ddb9482df88a%40%3Cdev.flink.apache.org%3E"},{"refsource":"MLIST","name":"[flink-issues] 20210106 [GitHub] [flink-web] zentol commented on a change in pull request #408: Add security page for Flink","url":"https://lists.apache.org/thread.html/r28f17e564950d663e68cc6fe75756012dda62ac623766bb9bc5e7034@%3Cissues.flink.apache.org%3E"},{"refsource":"MLIST","name":"[flink-issues] 20210107 [GitHub] [flink-web] rmetzger commented on a change in pull request #408: Add security page for Flink","url":"https://lists.apache.org/thread.html/r663cf0d5c386bba2f562d45ad484d786151a84f0b95e45e2b0fb8e50@%3Cissues.flink.apache.org%3E"},{"refsource":"MISC","name":"https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d@%3Cuser-zh.flink.apache.org%3E","url":"https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d@%3Cuser-zh.flink.apache.org%3E"}]},"description":{"description_data":[{"lang":"eng","value":"A vulnerability in Apache Flink (1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 to 1.3.3, 1.4.0 to 1.4.2, 1.5.0 to 1.5.6, 1.6.0 to 1.6.4, 1.7.0 to 1.7.2, 1.8.0 to 1.8.3, 1.9.0 to 1.9.2, 1.10.0) where, when running a process with an enabled JMXReporter, with a port configured via metrics.reporter.reporter_name>.port, an attacker with local access to the machine and JMX port can execute a man-in-the-middle attack using a specially crafted request to rebind the JMXRMI registry to one under the attacker's control. This compromises any connection established to the process via JMX, allowing extraction of credentials and any other transferred data."}]}},"nvd":{"publishedDate":"2020-05-14 17:15:00","lastModifiedDate":"2023-11-07 03:19:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":4.7,"baseSeverity":"MEDIUM"},"exploitabilityScore":1,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":1.9},"severity":"LOW","exploitabilityScore":3.4,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:*","versionStartIncluding":"1.9.0","versionEndIncluding":"1.9.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:*","versionStartIncluding":"1.8.0","versionEndIncluding":"1.8.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:*","versionStartIncluding":"1.7.0","versionEndIncluding":"1.7.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:*","versionStartIncluding":"1.6.0","versionEndIncluding":"1.6.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndIncluding":"1.5.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:*","versionStartIncluding":"1.4.0","versionEndIncluding":"1.4.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:*","versionStartIncluding":"1.3.0","versionEndIncluding":"1.3.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:*","versionStartIncluding":"1.2.0","versionEndIncluding":"1.2.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:*","versionStartIncluding":"1.1.0","versionEndIncluding":"1.1.5","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:flink:1.10.0:-:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"1960","Ordinal":"161361","Title":"CVE-2020-1960","CVE":"CVE-2020-1960","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"1960","Ordinal":"1","NoteData":"A vulnerability in Apache Flink (1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 to 1.3.3, 1.4.0 to 1.4.2, 1.5.0 to 1.5.6, 1.6.0 to 1.6.4, 1.7.0 to 1.7.2, 1.8.0 to 1.8.3, 1.9.0 to 1.9.2, 1.10.0) where, when running a process with an enabled JMXReporter, with a port configured via metrics.reporter.reporter_name>.port, an attacker with local access to the machine and JMX port can execute a man-in-the-middle attack using a specially crafted request to rebind the JMXRMI registry to one under the attacker's control. This compromises any connection established to the process via JMX, allowing extraction of credentials and any other transferred data.","Type":"Description","Title":null},{"CveYear":"2020","CveId":"1960","Ordinal":"2","NoteData":"2020-05-14","Type":"Other","Title":"Published"},{"CveYear":"2020","CveId":"1960","Ordinal":"3","NoteData":"2021-03-02","Type":"Other","Title":"Modified"}]}}}