Lucene search
China National Vulnerability DatabaseCNVD-2022-59200HistoryAug 23, 2022 - 12:00 a.m.
XXL-JOB authorization issue vulnerability
2022-08-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
35
xxl-job
authorization
vulnerability
distributed task scheduling
java
privilege control
administrative functions
low privilege account
cnvd
EPSS
0.001
Percentile
37.0%
XXL-JOB is a distributed task scheduling platform based on the java language from the Xu Xueli (XXL-JOB) community. all versions of XXL-JOB released after July 11, 2022 have an authorization issue vulnerability that stems from its insecure privilege control, which could be exploited by an attacker to use the ability to perform administrative functions with a low privilege account.
Related
github
github
Improper Privilege Management in com.xuxueli:xxl-job
2022-08-20 00:00:30
nvd
nvd
CVE-2022-36157
2022-08-19 22:15:09
osv
osv
CVE-2022-36157
2022-08-19 22:15:09
Improper Privilege Management in com.xuxueli:xxl-job
2022-08-20 00:00:30
cvelist
cvelist
CVE-2022-36157
2022-08-19 21:05:20
cve
cve
CVE-2022-36157
2022-08-19 22:15:09
prion
prion
Code injection
2022-08-19 22:15:00