PT-2024-23239 · Apache · Apache Dolphinscheduler
Drun1Baby
+3
·
Published
2024-03-28
·
Updated
2024-08-23
·
CVE-2024-30188
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Apache DolphinScheduler versions 3.1.0 through 3.2.1
Description
A file read and write vulnerability exists in Apache DolphinScheduler, allowing authenticated users to illegally access additional resource files.
Recommendations
For Apache DolphinScheduler versions 3.1.0 through 3.2.1, upgrade to version 3.2.2 to fix the issue.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Dolphinscheduler