CVE-2021-26919: Apache Druid Remote Code Execution Vulnerability Alert

Druid is a high-performance real-time analytics database. Druid’s main value add is to reduce time to insight and action. Druid is designed for workflows where fast queries and ingest really matter. Druid excels at powering UIs, running operational (ad-hoc) queries, or handling high concurrency. Consider Druid as an open-source alternative to data warehouses for a variety of use cases.

CVE-2021-26919

On March 30, 2021, Apache Druid issued a security notice for a remote code execution vulnerability, CVE-2021-26919. The flaw lies in Druid's JDBC-based ingestion and lookup feature: the MySQL JDBC driver honours certain connection properties that, if not restricted, let a malicious MySQL server under the attacker's control execute arbitrary code inside the Druid server process. Because Druid ships with authentication and authorization disabled by default, an attacker who can reach the Druid API can submit the crafted ingestion data without any credentials and end up with arbitrary code execution on the Druid host.

Affected version

  • Apache Druid < 0.20.2

Unaffected version

  • Apache Druid >= 0.20.2
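To tell which side of the 0.20.2 boundary a running node is on, the simplest check is the version reported by each Druid process's `/status` endpoint. The script below is an added example written for this page, not code from the Apache Druid project: it parses the version string into a numeric tuple (so that "0.20.10" correctly sorts above "0.20.2", which a plain string comparison would get wrong) and evaluates a `/status` JSON body. The sample bodies are constructed for the example rather than captured from a real cluster, and the `fetch_status` helper assumes the node's HTTP port is reachable from where you run it.

```python
import json
import re
from typing import Tuple

# First release that is not affected, per the advisory (0.20.2).
FIXED_VERSION = (0, 20, 2)


def parse_druid_version(version: str) -> Tuple[int, int, int]:
    """Parse a Druid version string such as "0.20.1", "0.19.0-incubating"
    or "0.20.2-SNAPSHOT" into a comparable (major, minor, patch) tuple.
    Any qualifier after the numeric part is ignored for the comparison."""
    m = re.match(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        raise ValueError(f"unrecognised Druid version string: {version!r}")
    major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
    return int(major), int(minor), int(patch)


def is_affected(version: str) -> bool:
    """True if the reported version is earlier than 0.20.2."""
    return parse_druid_version(version) < FIXED_VERSION


def check_status_response(body: str) -> dict:
    """Evaluate the JSON body returned by a Druid node's /status endpoint
    and return the reported version together with the verdict."""
    data = json.loads(body)
    version = data.get("version")
    if not isinstance(version, str):
        raise ValueError("status response has no 'version' field")
    return {"version": version, "affected": is_affected(version)}


def fetch_status(base_url: str, timeout: float = 5.0) -> str:
    """Fetch /status from a live Druid node, e.g. http://coordinator:8081
    (assumed reachable; not used by the offline samples below)."""
    from urllib.request import urlopen
    with urlopen(f"{base_url.rstrip('/')}/status", timeout=timeout) as resp:
        return resp.read().decode("utf-8")


# Constructed sample bodies for offline use; a real /status response
# carries more fields (modules, memory, ...) that this check ignores.
SAMPLE_VULNERABLE = '{"version":"0.20.1","modules":[]}'
SAMPLE_FIXED = '{"version":"0.20.2","modules":[]}'

if __name__ == "__main__":
    for body in (SAMPLE_VULNERABLE, SAMPLE_FIXED):
        print(check_status_response(body))
```

Run the check against every Druid process type (coordinator, overlord, broker, historical, router, middle managers), not just one node: a cluster upgraded in stages can have mixed versions, and any process still below 0.20.2 counts as affected.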

Solution

Upgrade Apache Druid to 0.20.2 or a later release as soon as possible. Because the default configuration leaves the Druid API unauthenticated, also enable an authenticator and authorizer (for example via the druid-basic-security extension) and restrict network access to Druid's HTTP ports to trusted hosts, so that untrusted parties cannot submit ingestion tasks or lookups in the first place.