CVE-2024-43202

🗓️ 20 Aug 2024 07:29:43Reported by apacheType

Exposure of Remote Code Execution in Apache Dolphinschedule

Reporter	Title	Published	Views	Family All 11
GithubExploit	Exploit for Code Injection in Apache Dolphinscheduler	15 Dec 202515:37	–	githubexploit
Circl	CVE-2024-43202	20 Aug 202411:16	–	circl
Cvelist	CVE-2024-43202 Apache DolphinScheduler: Remote Code Execution Vulnerability	20 Aug 202407:29	–	cvelist
Github Security Blog	Apache Dolphinscheduler Code Injection vulnerability	20 Aug 202409:30	–	github
NVD	CVE-2024-43202	20 Aug 202408:15	–	nvd
OSV	GHSA-2FM6-MV57-P2QH Apache Dolphinscheduler Code Injection vulnerability	20 Aug 202409:30	–	osv
Positive Technologies	PT-2024-30368 · Apache · Apache Dolphinscheduler	20 Aug 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-43202	23 May 202506:37	–	redhatcve
Veracode	Remote Code Execution (RCE)	26 Aug 202407:08	–	veracode
vulnersOsv	org.apache.dolphinscheduler:dolphinscheduler-alert-server (>=3.0.0 <=3.2.1), org.apache.dolphinscheduler:dolphinscheduler-api (>=3.0.0 <=3.0.6) +62 more potentially affected by CVE-2023-49109 +1 more via org.apache.dolphinscheduler:dolphinscheduler-task-api (>=2.0.0-alpha <=3.2.1)	20 Aug 202409:30	–	vulnersosv

NVD

Vulners

Vulnrichment

Node

apache dolphinschedulerRange3.0.0–3.2.2

[
  {
    "defaultStatus": "unaffected",
    "product": "Apache DolphinScheduler",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "3.2.2",
        "status": "affected",
        "version": "3.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
github	www.github.com/apache/dolphinscheduler/pull/15758
cve	www.cve.org/CVERecord
lists	www.lists.apache.org/thread/qbhk9wqyxhrn4z7m4m343wqxpwg926nh
lists	www.lists.apache.org/thread/nlmdp7q7l7o3l27778vxc5px24ncr5r5
openwall	www.openwall.com/lists/oss-security/2024/08/20/2

18 Mar 2025 15:57Current

7.4High risk

Vulners AI Score7.4

CVSS 3.19.8

EPSS0.07657

SSVC

CWE-94