Apache UIMA DUCC is a cluster management system from the Apache Foundation, which provides tools, management and scheduling tools. The system provides tools, management and scheduling tools. Apache UIMA DUCC is vulnerable to a command injection vulnerability, which stems from improper neutralization of the special elements used when using the DUCC module. An attacker could exploit this vulnerability to cause command execution as a user of the system running the Web process.