logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-40865

Description

An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. Apache Storm 1.x users should upgrade to version 1.2.4


Affected Software


CPE Name Name Version
apache:storm apache storm 1.2.4
apache:storm apache storm 2.1.1
apache:storm apache storm 2.2.1

Related