Lucene search
ApacheCVE-2021-28655HistoryDec 16, 2022 - 1:15 p.m.
CVE-2021-28655
2022-12-1613:15:08
CWE-20
apache
web.nvd.nist.gov
28
apache zeppelin
cve-2021-28655
input validation
security vulnerability
file deletion
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
EPSS
0.002
Percentile
53.1%
The improper Input Validation vulnerability in "”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.
Affected configurations
Node
apachezeppelinRange≤0.9.0
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache Zeppelin",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "0.9.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
osv
osv
Apache Zeppelin Improper Input Validation vulnerability
2023-07-06 19:24:05
CVE-2021-28655
2022-12-16 13:15:08
cvelist
cvelist
CVE-2021-28655 Apache Zeppelin: Arbitrary file deletion vulnerability
2022-12-16 12:51:51
prion
prion
Input validation
2022-12-16 13:15:00
github
github
Apache Zeppelin Improper Input Validation vulnerability
2023-07-06 19:24:05
nvd
nvd
CVE-2021-28655
2022-12-16 13:15:08
veracode
veracode
Arbitrary File Deletion
2022-12-19 01:14:46
cnvd
cnvd
Apache Zeppelin input validation error vulnerability
2022-12-20 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
EPSS
0.002
Percentile
53.1%
Related for CVE-2021-28655