CVE-2024-31867

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Apache Zeppelin versions 0.8.2 through 0.11.0

Description The issue is related to improper input validation, allowing attackers to execute malicious queries by setting improper configuration properties to LDAP search filter.

Recommendations For Apache Zeppelin versions 0.8.2 through 0.11.0, upgrade to version 0.11.1 to fix the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-90

Related Identifiers

CVE-2024-31867

GHSA-QMR3-52XF-WMHX

Affected Products

Apache Zeppelin

CVE-2024-31867

Weakness Enumeration

Related Identifiers

Affected Products

References · 11