Reported By: Sudheesh Katkam
Vendor: The Apache Software Foundation
Product: Apache Thrift
Problem Type: Improper Authentication
Versions Affected: Apache Thrift versions 0.5.0 through 0.11.0
Mitigation: Upgrade to the Apache Thrift 0.12.0 release
Description: In the Apache Thrift Java client library, the SASL negotiation's isComplete validation in TSaslTransport can be bypassed. The transport relied on a Java assert statement to confirm that the SASL handshake had completed successfully. The JVM disables assertions unless it is started with -ea (-enableassertions), so in production deployments the assertion is typically a no-op and the completion check was effectively absent, allowing the transport to proceed after an incomplete SASL negotiation.

Resolution: The assertion has been removed and an explicit isComplete check has been moved into the handshake processing loop, so an incomplete negotiation is rejected with an exception regardless of JVM assertion settings. The fix is contained in the 0.12.0 Apache Thrift release.

Jira issue:
- https://issues.apache.org/jira/browse/THRIFT-4506

Mitre issue:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-1320

Committed resolution:
- https://github.com/apache/thrift/commit/d973409661f820d80d72c0034d06a12348c8705e

On behalf of the Apache Thrift PMC,
Thank you
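The following is an added illustration of the failure mode described in this advisory; it is not Apache Thrift's TSaslTransport code. It models a client-side SASL handshake loop in the shape the advisory describes: the vulnerable form trusts the peer's COMPLETE status and relies on a Java assert to confirm that the mechanism itself finished, while the fixed form performs the isComplete check explicitly inside the loop. The class and type names (Status, Message, HandshakeException, TwoRoundMechanism, openVulnerable, openFixed) are hypothetical stand-ins for Thrift's NegotiationStatus, TTransportException, the javax.security.sasl.SaslClient mechanism and TSaslTransport.open(); the peer transcript is constructed for the demonstration.

```java
import java.util.ArrayDeque;
import java.util.Deque;

// Added example for CVE-2018-1320; names are hypothetical stand-ins, not Thrift's own.
public class SaslCompleteCheck {

    // Stand-in for Thrift's NegotiationStatus.
    enum Status { OK, COMPLETE, BAD }

    // One framed SASL message from the peer: status byte plus payload.
    static final class Message {
        final Status status;
        final byte[] payload;
        Message(Status status, byte[] payload) { this.status = status; this.payload = payload; }
    }

    // Stand-in for TTransportException.
    static class HandshakeException extends Exception {
        HandshakeException(String m) { super(m); }
    }

    // Stand-in for javax.security.sasl.SaslClient: a mechanism that only reports
    // completion after it has processed two server challenges.
    static final class TwoRoundMechanism {
        private int rounds = 0;
        byte[] evaluateChallenge(byte[] challenge) { rounds++; return new byte[] { (byte) rounds }; }
        boolean isComplete() { return rounds >= 2; }
    }

    // Vulnerable shape: the loop exits as soon as the peer says COMPLETE, and the only
    // check that the mechanism really finished is an assert, which the JVM ignores
    // unless started with -ea. The transport then opens with an unfinished negotiation.
    static boolean openVulnerable(Deque<Message> fromServer) throws HandshakeException {
        TwoRoundMechanism sasl = new TwoRoundMechanism();
        while (!sasl.isComplete()) {
            Message m = fromServer.pop();
            if (m.status != Status.OK && m.status != Status.COMPLETE)
                throw new HandshakeException("unexpected status " + m.status);
            sasl.evaluateChallenge(m.payload);
            if (m.status == Status.COMPLETE) break;   // client trusts the peer's COMPLETE
        }
        assert sasl.isComplete();                      // no-op without -ea
        return sasl.isComplete();                      // false here: transport is "open" anyway
    }

    // Fixed shape: consult the mechanism's own state inside the loop before accepting
    // the peer's COMPLETE, and fail with an exception instead of an assertion.
    static boolean openFixed(Deque<Message> fromServer) throws HandshakeException {
        TwoRoundMechanism sasl = new TwoRoundMechanism();
        while (!sasl.isComplete()) {
            Message m = fromServer.pop();
            if (m.status != Status.OK && m.status != Status.COMPLETE)
                throw new HandshakeException("unexpected status " + m.status);
            sasl.evaluateChallenge(m.payload);
            if (m.status == Status.COMPLETE) {
                if (!sasl.isComplete())
                    throw new HandshakeException("peer signalled COMPLETE before SASL negotiation finished");
                break;
            }
        }
        return true;   // only reachable when the mechanism itself reports completion
    }

    // Constructed peer transcript: a server that claims COMPLETE after a single round.
    static Deque<Message> earlyCompleteServer() {
        Deque<Message> q = new ArrayDeque<>();
        q.add(new Message(Status.COMPLETE, new byte[] { 1 }));
        return q;
    }

    public static void main(String[] args) throws Exception {
        // Run without -ea (the JVM default) to see the assert do nothing.
        System.out.println("vulnerable loop returned, mechanism complete = "
                + openVulnerable(earlyCompleteServer()));
        try {
            openFixed(earlyCompleteServer());
            System.out.println("fixed loop accepted the handshake (unexpected)");
        } catch (HandshakeException e) {
            System.out.println("fixed loop rejected the handshake: " + e.getMessage());
        }
    }
}
```

Run with `java SaslCompleteCheck` and the vulnerable loop returns with the mechanism still incomplete; run with `java -ea SaslCompleteCheck` and the same code path instead dies with an AssertionError, which is exactly the dependence on JVM flags the advisory describes. The fixed loop rejects the early COMPLETE in both cases, which is the property to look for when reviewing any handshake code that uses assert for a security check.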