Apache Ignite
cpe:2.3:a:apache:ignite:*:*:*:*:*:*:*
- >= 2.0.0, <= 2.17.0
A relative path traversal vulnerability has been identified in the Apache Ignite REST API, affecting versions from 2.0.0 and prior to 2.17.0. This vulnerability allows authenticated REST API users to read any file on the server by using the 'cmd=log' command along with a crafted log path. The issue arises because the application improperly validates file paths, enabling attackers to exploit path traversal patterns to access files outside the intended directory.
Exploitation of this vulnerability could lead to unauthorized reading of sensitive files on the server. Additionally, according to the Apache Ignite community, there is a potential risk of creating or overwriting critical files that could be used to execute code, such as programs or libraries.
Users are advised to upgrade to Apache Ignite version 2.18.0, which addresses this vulnerability. For all Ignite versions, ensure that no vulnerable classes are present in custom code used with Apache Ignite.
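For reviewing access logs from before the upgrade, the following added example (not part of the original advisory and not Apache Ignite code) flags 'cmd=log' requests whose log path resolves outside the log directory, including percent-encoded and double-encoded forms. Assumptions: the REST endpoint sits behind a proxy that writes combined-format access logs, the log path is passed in a `path` query parameter, the host uses POSIX paths, and `LOG_ROOT` is a placeholder for the node's real log directory.

```python
import posixpath
import re
from urllib.parse import parse_qs, unquote, urlsplit

LOG_ROOT = "/opt/ignite/work/log"  # assumption: directory cmd=log should stay in
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')  # access-log request line

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding (e.g. %252e) so checks see the real path."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def escapes_log_root(raw_path, root=LOG_ROOT):
    """True if the requested log path resolves outside the log directory."""
    path = fully_decode(raw_path).replace("\\", "/")
    # join() drops root for an absolute path, so absolute requests are caught too.
    resolved = posixpath.normpath(posixpath.join(root, path))
    return not (resolved == root or resolved.startswith(root + "/"))

def suspicious_log_requests(lines):
    """Return (line_number, decoded_path) for cmd=log requests leaving LOG_ROOT."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = parse_qs(urlsplit(match.group(1)).query)  # decodes one layer
        if "log" not in query.get("cmd", []):
            continue
        for raw in query.get("path", []):
            if escapes_log_root(raw):
                hits.append((number, fully_decode(raw)))
    return hits

# Constructed sample entries, not taken from a real system.
SAMPLE = [
    '10.0.0.5 - ops [12/May/2025:10:01:02 +0000] "GET /ignite?cmd=log&from=0&to=50&path=ignite.log HTTP/1.1" 200 4096',
    '10.0.0.9 - svc [12/May/2025:10:04:11 +0000] "GET /ignite?cmd=log&path=..%2F..%2F..%2Fconfig%2Fexample.conf HTTP/1.1" 200 812',
    '10.0.0.5 - ops [12/May/2025:10:05:40 +0000] "GET /ignite?cmd=log&path=archive%2F..%2Fignite.log HTTP/1.1" 200 4096',
    '10.0.0.9 - svc [12/May/2025:10:06:02 +0000] "GET /ignite?cmd=log&path=%252e%252e%252f%252e%252e%252fconfig%252fexample.xml HTTP/1.1" 200 950',
    '10.0.0.7 - ops [12/May/2025:10:07:30 +0000] "GET /ignite?cmd=version HTTP/1.1" 200 64',
]

if __name__ == "__main__":
    for number, path in suspicious_log_requests(SAMPLE):
        print(f"line {number}: cmd=log path escapes {LOG_ROOT}: {path}")
```

The check resolves the path rather than matching on "..", so a request such as `archive/../ignite.log` that stays inside the log directory is not reported.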