Description

Introduction

Apache Druid is a distributed data processing system that supports real-time, multi-dimensional OLAP analysis. Druid provides low-latency (real-time) data ingestion, and its most common use is flexible multi-dimensional OLAP analysis of big data. Druid also supports pre-aggregation at ingestion and timestamp-based aggregation analysis, so some users also use it for time-series data processing and analysis.

Summary

On Feb 1, 2021, the Sangfor Security Team verified an Apache Druid remote code execution vulnerability, CVE-2021-25646, classified as critical. The vulnerability is due to a lack of authentication in Apache Druid by default. Attackers can directly construct malicious requests to execute arbitrary code and control servers.

Impact

Apache Druid is a data store designed for high-performance OLAP queries (slice-and-dice analysis) on large data sets. It is also used as a data store for GUI analysis applications, or as a back end for high-concurrency APIs that require fast aggregation. Apache Druid is often used for clickstream analysis (web and mobile analysis), network telemetry analysis (network performance monitoring), server metrics storage, supply chain analysis (manufacturing metrics), application performance measurement, digital marketing/advertising analysis, business intelligence and online analytical processing. More than 30,000 available hosts worldwide are potentially vulnerable to remote code execution.

Affected versions:

Apache Druid versions earlier than 0.20.1

Timeline

Jan 27, 2021: Apache Druid released a security bulletin.
Feb 1, 2021: Sangfor FarSight Labs detected attack information for this vulnerability and released a vulnerability alert.

Solution

Apache has released a new version to fix this vulnerability. Please download and install it from the following link: https://github.com/apache/druid/releases/tag/druid-0.20.1
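
To prioritise upgrades across an inventory, the following added example (not part of the original advisory or of Apache Druid's code) classifies a host from the JSON body of Druid's `/status` endpoint and the text of its `runtime.properties`. It assumes the standard `druid.auth.authenticatorChain` property, whose default is `["allowAll"]`; the function names, result labels and sample hosts are constructed for illustration.

```python
import json
import re

FIXED = (0, 20, 1)  # first fixed release named in the advisory

def parse_version(text):
    """Split '0.20.0' or '0.20.1-rc1' into ((0, 20, 0), suffix); None if unparseable."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)(.*)$", text.strip())
    if not m:
        return None
    return tuple(int(p) for p in m.groups()[:3]), m.group(4)

def auth_is_default(properties_text):
    """True when runtime.properties leaves the authenticator chain at allowAll."""
    for line in properties_text.splitlines():
        line = line.strip()
        if line.startswith("#") or "=" not in line:
            continue
        key, value = (s.strip() for s in line.split("=", 1))
        if key == "druid.auth.authenticatorChain":
            try:
                chain = json.loads(value)
            except json.JSONDecodeError:
                return True  # unparseable value: treat as unprotected
            return not isinstance(chain, list) or not chain or "allowAll" in chain
    return True  # property absent: Druid falls back to allowAll

def triage(status_json, properties_text):
    """Classify one host; both 'affected' results still require the upgrade."""
    parsed = parse_version(str(json.loads(status_json).get("version", "")))
    if parsed is None:
        return "unknown-version"
    version, suffix = parsed
    if version > FIXED or (version == FIXED and not suffix):
        return "patched"
    if version == FIXED:
        return "verify-build"  # pre-release build of the fixed version
    return "affected-no-auth" if auth_is_default(properties_text) else "affected"

# Constructed sample inputs (not taken from any real host).
SAMPLES = {
    "druid-a": ('{"version": "0.20.0"}', "druid.service=druid/broker\n"),
    "druid-b": ('{"version": "0.19.0"}', 'druid.auth.authenticatorChain=["basic"]\n'),
    "druid-c": ('{"version": "0.20.1"}', ""),
    "druid-d": ('{"version": "0.20.1-rc1"}', ""),
}

if __name__ == "__main__":
    for host, (status, props) in SAMPLES.items():
        print(host, triage(status, props))
```

Hosts reported as `affected-no-auth` match the default configuration the advisory describes and should be upgraded first.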
