Platform
java
Component
org.apache.ranger:ranger-plugins-common
Fixed in
2.7.1
2.8.0
A critical remote code execution (RCE) vulnerability, CVE-2025-59059, affects Apache Ranger Plugins Common (org.apache.ranger:ranger-plugins-common) in all versions up to and including 2.7.0. The flaw lies in the NashornScriptEngineCreator component and can allow an attacker to execute arbitrary code on an affected system. Upgrade to a fixed release, 2.7.1 or 2.8.0, to remove the exposure.
The impact is severe. An attacker who exploits the flaw can run code with the privileges of the JVM that loads the library, which means full control of an affected Ranger Admin server: reading sensitive data, altering access-control policies and configuration, and deploying further malicious software. Because ranger-plugins-common is a library embedded in every Ranger plugin, the vulnerable code is also present inside the services that load a plugin (the Hadoop, Hive and similar processes that Ranger authorizes), not only in the Ranger Admin server. The blast radius therefore extends to every system that relies on Ranger for access control and governance, and a compromised Ranger host is a natural pivot point into the rest of the data platform. The root cause is in how NashornScriptEngineCreator sets up the Nashorn JavaScript engine, which lets injected script reach the engine and execute inside the host JVM.
CVE-2025-59059 was published on 2026-03-03. The vulnerability involves the Nashorn scripting engine, which has a history of security issues when exposed to untrusted input. No public exploit is known at the time of writing; the EPSS score listed below is 0.42% (62nd percentile). Monitor CISA and Apache security advisories for reports of active exploitation.
Organizations that rely on Apache Ranger for data governance and policy enforcement are at significant risk. Any deployment that ships Ranger Plugins Common 2.7.0 or earlier is affected, and environments where Ranger protects sensitive data stores or critical infrastructure are the most exposed.
Detection (java / server):
• Find the deployed library and read its version from the file name; any release below 2.7.1 is affected. Nashorn runs inside the Ranger JVM, so a process listing such as ps -ef | grep Nashorn shows nothing useful; look for the jar instead:
find / -name "ranger-plugins-common-*.jar" 2>/dev/null
• The class normally sits inside the jar, so searching for an extracted file with find /opt/ranger/ -name "*NashornScriptEngineCreator.class" only works where the jar has been unpacked. List the archive contents of each jar found instead:
for j in $(find /opt/ranger/ -name "ranger-plugins-common-*.jar"); do unzip -l "$j" | grep -q NashornScriptEngineCreator && echo "$j"; done
• Search the logs of the service that loads the library. ranger-plugins-common is a library, not a systemd unit, so substitute the unit name of the Ranger Admin server or of the service that embeds the plugin:
journalctl -u <ranger-service-unit> -g "NashornScriptEngineCreator"
Disclosure
Exploit status
EPSS
0.42% (62nd percentile)
CVSS vector
The primary mitigation for CVE-2025-59059 is to upgrade Apache Ranger Plugins Common to a fixed release (2.7.1, or 2.8.0 and later). If an immediate upgrade is not feasible because of compatibility or downtime constraints, reduce exposure in the meantime: restrict network access to the Ranger Admin server and to the services that embed a Ranger plugin, review any scripts that Ranger evaluates (such as scripted policy conditions) and who is allowed to define them, and monitor Ranger logs for unexpected script execution. No WAF rule addresses the underlying flaw, because the vulnerable code lives in the library rather than behind one specific HTTP endpoint. After upgrading, verify the fix by confirming the version of the ranger-plugins-common jar that each JVM actually loads (inspect the deployed jar, not only the build manifest); do not verify by feeding malicious scripts to the engine on a production system.
Update Apache Ranger to a fixed release (2.7.1 or 2.8.0 and later). These versions fix the remote code execution vulnerability in NashornScriptEngineCreator; updating is the safest way to eliminate this risk.
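The version checks described in the detection and verification steps above, as an added example that is not part of the advisory or of Apache Ranger's own code. It reads the ranger-plugins-common version out of a pom.xml (resolving ${property} references) and scans a directory tree for deployed ranger-plugins-common-<version>.jar files, flagging anything below the first fixed release 2.7.1 and confirming that the NashornScriptEngineCreator class is present in each jar. The sample pom.xml and the two jars are constructed inside the script; the class path org/apache/ranger/plugin/util/NashornScriptEngineCreator.class is an assumption about the jar layout and should be adjusted if your build differs.

```python
"""Added example (not part of the advisory or of Apache Ranger's code).
Finds affected ranger-plugins-common releases for CVE-2025-59059 from a
pom.xml and from deployed jars. Fixed versions 2.7.1 / 2.8.0 come from the
advisory; anything below 2.7.1 is treated as affected."""
import os
import re
import tempfile
import xml.etree.ElementTree as ET
import zipfile

FIRST_FIXED = (2, 7, 1)             # first fixed release per the advisory
GROUP_ID = "org.apache.ranger"
ARTIFACT_ID = "ranger-plugins-common"
JAR_RE = re.compile(r"^ranger-plugins-common-(\d+(?:\.\d+)*)(?:[-.][\w.]*)?\.jar$")
# Assumed location of the class inside the jar; adjust if your build differs.
CLASS_PATH = "org/apache/ranger/plugin/util/NashornScriptEngineCreator.class"


def parse_version(v):
    """'2.7.0-SNAPSHOT' -> (2, 7, 0); qualifiers after the numeric core are ignored."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", v)
    if not m:
        raise ValueError(f"unparseable version: {v!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def is_affected(v):
    """Every release before the first fixed version (2.7.1) is affected."""
    return parse_version(v) < FIRST_FIXED


def _local(tag):
    """Strip the Maven XML namespace: '{http://...}version' -> 'version'."""
    return tag.rsplit("}", 1)[-1]


def pom_dependency_versions(pom_xml):
    """Versions declared for ranger-plugins-common in a pom.xml string.
    ${property} references are resolved from <properties>; versions inherited
    from a parent POM are not followed here."""
    root = ET.fromstring(pom_xml)
    props = {}
    for el in root.iter():
        if _local(el.tag) == "properties":
            props.update({_local(p.tag): (p.text or "").strip() for p in el})
    found = []
    for dep in root.iter():
        if _local(dep.tag) != "dependency":
            continue
        f = {_local(c.tag): (c.text or "").strip() for c in dep}
        if f.get("groupId") == GROUP_ID and f.get("artifactId") == ARTIFACT_ID:
            found.append(re.sub(r"\$\{([^}]+)\}",
                                lambda m: props.get(m.group(1), m.group(0)),
                                f.get("version", "")))
    return found


def scan_jars(root_dir):
    """Walk root_dir; for each ranger-plugins-common jar return
    (path, version, affected, has_nashorn_creator_class)."""
    results = []
    for dirpath, _dirs, files in os.walk(root_dir):
        for name in files:
            m = JAR_RE.match(name)
            if not m:
                continue
            path = os.path.join(dirpath, name)
            try:
                with zipfile.ZipFile(path) as zf:
                    has_class = CLASS_PATH in zf.namelist()
            except zipfile.BadZipFile:
                has_class = False           # not a readable jar; still report it
            results.append((path, m.group(1), is_affected(m.group(1)), has_class))
    return results


SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <properties><ranger.version>2.7.0</ranger.version></properties>
  <dependencies>
    <dependency><groupId>org.apache.ranger</groupId>
      <artifactId>ranger-plugins-common</artifactId><version>${ranger.version}</version>
    </dependency>
    <dependency><groupId>org.apache.ranger</groupId>
      <artifactId>ranger-plugins-audit</artifactId><version>2.8.0</version>
    </dependency>
  </dependencies>
</project>"""  # constructed sample, not a real project's pom.xml


def demo():
    """Run both checks on constructed input and return a summary dict."""
    pom_versions = pom_dependency_versions(SAMPLE_POM)
    with tempfile.TemporaryDirectory() as tmp:
        lib = os.path.join(tmp, "lib")
        os.makedirs(lib)
        for ver in ("2.7.0", "2.8.0"):      # fabricated jars with an empty class entry
            with zipfile.ZipFile(os.path.join(lib, f"ranger-plugins-common-{ver}.jar"), "w") as zf:
                zf.writestr(CLASS_PATH, b"")
        jars = scan_jars(tmp)
    return {
        "pom_versions": pom_versions,
        "pom_affected": [v for v in pom_versions if is_affected(v)],
        "jars": sorted((os.path.basename(p), v, aff, has) for p, v, aff, has in jars),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Point scan_jars at the real install root (for example the directory the find command above reports) to get a per-jar verdict; a jar that is not affected by version but still contains the class is expected after the upgrade, since the fix changes the class rather than removing it, so the version is the authoritative signal.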
CVE-2025-59059 is a critical Remote Code Execution vulnerability in Apache Ranger Plugins Common versions up to 2.7.0, allowing attackers to execute arbitrary code.
Yes, if you are using Apache Ranger Plugins Common versions 2.7.0 or earlier, you are vulnerable to this RCE.
Upgrade Apache Ranger Plugins Common to a fixed release (2.7.1, or 2.8.0 and later) to remediate the vulnerability.
As of now, there are no confirmed reports of active exploitation, but the vulnerability's severity warrants immediate attention.
Refer to the Apache Ranger security page for the latest information and advisory: [https://ranger.apache.org/security/](https://ranger.apache.org/security/)