Researcher Releases PoC Exploit for Apache NiFi Code Execution Flaw (CVE-2023-34468)
Security researcher Matei “Mal” Badanoiu has disclosed a proof-of-concept (PoC) for CVE-2023-34468, a patched vulnerability affecting Apache NiFi. Assigned a CVSS score of 8.8, the flaw allows remote code execution (RCE) through specially crafted database connection strings.
Affected Versions
Apache NiFi versions 0.0.2 through 1.21.0 are vulnerable to this attack. Organizations utilizing these versions are urged to upgrade to NiFi 1.22.0 or later immediately.
Vulnerability Details
The vulnerability resides in the DBCPConnectionPool and HikariCPConnectionPool Controller Services, components within Apache NiFi responsible for managing database connections. An authenticated and authorized user can exploit this flaw by configuring a Database URL with the H2 driver, enabling the execution of arbitrary Java code.
Consequences of Exploitation
Successful exploitation of this vulnerability could have severe consequences for organizations relying on Apache NiFi. Attackers could execute malicious code on vulnerable NiFi instances, potentially leading to unauthorized access, data theft, or even system compromise.
Proof-of-Concept Exploit
Badanoiu has released a proof-of-concept (PoC) exploit demonstrating that CVE-2023-34468 is exploitable in practice. The PoC underscores the severity of the flaw and the urgency of patching affected systems.
“Although only the “DBCPConnectionPool” and “HikariCPConnectionPool” Controller Services were tested for this vulnerability, more components may be vulnerable to this attack,” the researcher explained.
Mitigation
To mitigate this vulnerability, organizations should upgrade to Apache NiFi 1.22.0 or later. This updated version disables H2 JDBC URLs by default, effectively eliminating the attack vector. Additionally, implementing strict access controls and limiting access to sensitive data can further enhance security posture.
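As an added example (not part of the article or of the researcher's PoC), the following Python check walks a NiFi flow definition export for DBCPConnectionPool and HikariCPConnectionPool Controller Services whose Database Connection URL selects the H2 driver, and gates on the affected version range. The export shape (rootGroup, controllerServices, processGroups) and the property name "Database Connection URL" are assumptions, and the sample flow is constructed.

```python
import re

# Constructed sample shaped like a NiFi flow definition export. The nesting
# (rootGroup -> controllerServices / processGroups) and the property name
# "Database Connection URL" are assumptions about the export format.
SAMPLE_FLOW = {
    "rootGroup": {
        "name": "root",
        "controllerServices": [
            {"name": "prod-postgres", "type": "org.apache.nifi.dbcp.DBCPConnectionPool",
             "properties": {"Database Connection URL": "jdbc:postgresql://db.internal:5432/app"}},
            {"name": "scratch-h2", "type": "org.apache.nifi.dbcp.DBCPConnectionPool",
             "properties": {"Database Connection URL": "jdbc:h2:mem:scratch"}},
        ],
        "processGroups": [
            {"name": "etl", "controllerServices": [
                {"name": "hikari-h2", "type": "org.apache.nifi.dbcp.HikariCPConnectionPool",
                 "properties": {"Database Connection URL": "JDBC:H2:file:/tmp/scratch"}}],
             "processGroups": []},
        ],
    }
}

# The two Controller Services named in the advisory; the researcher notes
# other components may deserve the same review.
POOL_TYPES = ("DBCPConnectionPool", "HikariCPConnectionPool")
URL_KEY = "Database Connection URL"


def is_affected_version(version):
    """True for NiFi 0.0.2 through 1.21.0, the range named in the advisory."""
    nums = [int(p) for p in re.findall(r"\d+", version)[:3]]
    nums += [0] * (3 - len(nums))  # pad "1.22" to (1, 22, 0)
    return (0, 0, 2) <= tuple(nums) < (1, 22, 0)


def find_h2_pools(group, path=""):
    """Recursively collect (group path, service name, URL) for pools using H2."""
    here = f"{path}/{group.get('name', '?')}"
    hits = []
    for svc in group.get("controllerServices", []):
        if not svc.get("type", "").endswith(POOL_TYPES):
            continue
        url = svc.get("properties", {}).get(URL_KEY, "")
        # JDBC scheme prefixes are matched case-insensitively, so normalise.
        if url.lower().startswith("jdbc:h2:"):
            hits.append((here, svc.get("name", "?"), url))
    for child in group.get("processGroups", []):
        hits.extend(find_h2_pools(child, here))
    return hits
```

Run find_h2_pools over the rootGroup of a real export to list every H2-backed pool by process group; any hit on an instance where is_affected_version is true should be treated as an open RCE path until the upgrade to 1.22.0 lands.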