CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-27438: Apache Doris: Downloading arbitrary remote jar files resulting in remote command execution

Description

Download of Code Without Integrity Check vulnerability in Apache Doris.
The jdbc driver files used for JDBC catalog is not checked and may resulting in remote command execution.
Once the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This code snippet will be run when catalog is initializing without any check.
This issue affects Apache Doris: from 1.2.0 through 2.0.4.

Users are recommended to upgrade to version 2.0.5 or 2.1.x, which fixes the issue.

Classification

CVE ID: CVE-2024-27438

Affected Products

Vendor: Apache Software Foundation

Product: Apache Doris

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.98% (scored less or equal to compared to others)

EPSS Date: 2025-03-14 (when was this score calculated)

References

https://lists.apache.org/thread/h95h82b0svlnwcg6c2xq4b08j6gwgczh
http://www.openwall.com/lists/oss-security/2024/03/21/1

Timeline

2025-02-14 00:31:43 UTC
CVE

Apache Doris: Downloading arbitrary remote jar files resulting in remote command execution