Vulnerability details: VCID-f4t5-cj5v-aaam
Vulnerability ID VCID-f4t5-cj5v-aaam
Aliases CVE-2023-34468
GHSA-xm2m-2q6h-22jw
Summary The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. The resolution validates the Database URL and rejects H2 JDBC locations. Users are advised to upgrade to version 1.22.0 or later, which fixes this issue.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (4)
System Score Found at
cvssv3.1 8.8 http://packetstormsecurity.com/files/174398/Apache-NiFi-H2-Connection-String-Remote-Code-Execution.html
generic_textual HIGH http://packetstormsecurity.com/files/174398/Apache-NiFi-H2-Connection-String-Remote-Code-Execution.html
epss 0.74955 https://api.first.org/data/v1/epss?cve=CVE-2023-34468
epss 0.75555 https://api.first.org/data/v1/epss?cve=CVE-2023-34468
epss 0.76807 https://api.first.org/data/v1/epss?cve=CVE-2023-34468
epss 0.77248 https://api.first.org/data/v1/epss?cve=CVE-2023-34468
epss 0.77854 https://api.first.org/data/v1/epss?cve=CVE-2023-34468
epss 0.78107 https://api.first.org/data/v1/epss?cve=CVE-2023-34468
epss 0.78409 https://api.first.org/data/v1/epss?cve=CVE-2023-34468
epss 0.80089 https://api.first.org/data/v1/epss?cve=CVE-2023-34468
epss 0.86200 https://api.first.org/data/v1/epss?cve=CVE-2023-34468
epss 0.86880 https://api.first.org/data/v1/epss?cve=CVE-2023-34468
cvssv3.1 8.8 https://exceptionfactory.com/posts/2023/10/07/firsthand-analysis-of-apache-nifi-vulnerability-cve-2023-34468
generic_textual HIGH https://exceptionfactory.com/posts/2023/10/07/firsthand-analysis-of-apache-nifi-vulnerability-cve-2023-34468
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-xm2m-2q6h-22jw
cvssv3.1 4.6 https://github.com/apache/nifi
generic_textual MODERATE https://github.com/apache/nifi
cvssv3.1 8.8 https://github.com/apache/nifi/commit/4faf3ea59895e7e153db3f8f61147ff70a254361
generic_textual HIGH https://github.com/apache/nifi/commit/4faf3ea59895e7e153db3f8f61147ff70a254361
cvssv3.1 8.8 https://github.com/apache/nifi/pull/7349
generic_textual HIGH https://github.com/apache/nifi/pull/7349
cvssv3.1 8.8 https://issues.apache.org/jira/browse/NIFI-11653
generic_textual HIGH https://issues.apache.org/jira/browse/NIFI-11653
cvssv3.1 8.8 https://lists.apache.org/thread/7b82l4f5blmpkfcynf3y6z4x1vqo59h8
generic_textual HIGH https://lists.apache.org/thread/7b82l4f5blmpkfcynf3y6z4x1vqo59h8
cvssv3.1 8.8 https://nifi.apache.org/security.html#CVE-2023-34468
generic_textual HIGH https://nifi.apache.org/security.html#CVE-2023-34468
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2023-34468
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2023-34468
cvssv3.1 8.8 https://www.cyfirma.com/outofband/apache-nifi-cve-2023-34468-rce-vulnerability-analysis-and-exploitation
generic_textual HIGH https://www.cyfirma.com/outofband/apache-nifi-cve-2023-34468-rce-vulnerability-analysis-and-exploitation
cvssv3.1 8.8 http://www.openwall.com/lists/oss-security/2023/06/12/3
generic_textual HIGH http://www.openwall.com/lists/oss-security/2023/06/12/3
Data source Metasploit
Description The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. This exploit will result in several shells (5-7). Successfully tested against Apache NiFi 1.17.0 through 1.21.0.
Note
Stability:
  - crash-safe
Reliability:
  - repeatable-session
SideEffects:
  - ioc-in-logs
  - config-changes
  - artifacts-on-disk
Ransomware campaign use Unknown
Source publication date June 12, 2023
Platform Unix
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/linux/http/apache_nifi_h2_rce.rb
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at http://packetstormsecurity.com/files/174398/Apache-NiFi-H2-Connection-String-Remote-Code-Execution.html
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://exceptionfactory.com/posts/2023/10/07/firsthand-analysis-of-apache-nifi-vulnerability-cve-2023-34468
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N Found at https://github.com/apache/nifi
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/apache/nifi/commit/4faf3ea59895e7e153db3f8f61147ff70a254361
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/apache/nifi/pull/7349
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://issues.apache.org/jira/browse/NIFI-11653
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread/7b82l4f5blmpkfcynf3y6z4x1vqo59h8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://nifi.apache.org/security.html#CVE-2023-34468
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-34468
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-34468
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://www.cyfirma.com/outofband/apache-nifi-cve-2023-34468-rce-vulnerability-analysis-and-exploitation
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/06/12/3
Exploit Prediction Scoring System (EPSS)
Percentile 0.98799
EPSS Score 0.74955
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.