CVE-2020-13937

MEDIUM NUCLEI

Apache Kylin <4.0.0 - Info Disclosure

Title source: llm

Description

Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3.1.0 and 4.0.0-alpha expose one RESTful API that returns Kylin's configuration information without any authentication. This is dangerous because some confidential configuration entries are disclosed to everyone who can reach the endpoint.

Exploits (3)

nomisec SCANNER 9 stars
by yaunsky · poc
https://github.com/yaunsky/CVE-2020-13937
nomisec WRITEUP 5 stars
by Al1ex · poc
https://github.com/Al1ex/CVE-2020-13937
nomisec WORKING POC 1 star
by kailing0220 · poc
https://github.com/kailing0220/CVE-2020-13937

Nuclei Templates (1)

Apache Kylin - Exposed Configuration File
MEDIUM by pikpikcu
Shodan: http.favicon.hash:-186961397
FOFA: icon_hash=-186961397

Scores

CVSS v3 5.3
EPSS 0.9333
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-922
Status published
Products (24)
apache/kylin 2.0.0
apache/kylin 2.1.0
apache/kylin 2.2.0
apache/kylin 2.3.0
apache/kylin 2.3.1
apache/kylin 2.3.2
apache/kylin 2.4.0
apache/kylin 2.4.1
apache/kylin 2.5.0
apache/kylin 2.5.1
... and 14 more
Published Oct 19, 2020
Tracked Since Feb 18, 2026