Mirai Botnet aka Katana – Active IOCs
January 2, 2025Multiple SolarWinds Products Vulnerabilities
January 2, 2025Mirai Botnet aka Katana – Active IOCs
January 2, 2025Multiple SolarWinds Products Vulnerabilities
January 2, 2025Severity
Low
Analysis Summary
CVE-2024-56512
Apache NiFi 1.10.0 to 2.0.0 lacked authorization checks for Parameter Contexts, Controller Services, and Parameter Providers during Process Group creation, allowing unauthorized access to components. This issue, affecting deployments with component-based policies, is resolved in version 2.1.0 by enforcing proper authorization checks.
Impact
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-56512
Affected Vendors
Affected Products
- Apache NiFi 1.10.0 to 2.0.0
Remediation
Refer to Apache Website for patch, upgrade, or suggested workaround information.