Fluid Attacks Database

Description

An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node. An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
maven	io.atomix:atomix	>=0 <=3.1.5	3.1.6

Aliases

1. CVE-2020-352112. NVD-2020-352113. OSV-2020-352114. GCVE-2020-35211

References

1. https://docs.google.com/presentation/d/1C_IpRfSU-9FMezcHCFZ-qg-15JO-W36yvqcnzI8sQs8/edit?usp=sharing

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.