CVE-2023-49109

Name of the Vulnerable Software and Affected Versions Apache DolphinScheduler versions prior to 3.2.1

Description The issue is related to the exposure of Remote Code Execution in Apache DolphinScheduler, which can be exploited by a remote attacker to execute arbitrary code. This could potentially lead to complete system compromise, data extraction, and lateral movement within the network. The issue is caused by incorrect code generation management.

Recommendations To resolve the issue, upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue. As a temporary workaround, consider restricting access to the system until the upgrade is applied.