5 matches found
CVE-2022-31764
The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by constructing a special JDBC URL of H2 database. This issue affects Apache ShardingSphere ElasticJob-UI version 3.0.1 and prior versions. This vulnerability has been fixed in ElasticJob-UI 3.0.2. The premise of...
CVE-2022-31764
creationtimestamp| type| source ---|---|--- 2025-02-06 14:29:15+00:00| seen| https://infosec.exchange/users/cve/statuses/113957414797440247 2025-02-06 15:15:40+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhjevk3qka2c 2025-02-06 17:44:18+00:00| seen|...
CVE-2022-31764 Apache ShardingSphere ElasticJob-UI allows RCE via event trace data source JDBC
The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by constructing a special JDBC URL of H2 database. This issue affects Apache ShardingSphere ElasticJob-UI version 3.0.1 and prior versions. This vulnerability has been fixed in ElasticJob-UI 3.0.2. The premise of...
CVE-2022-31764 Apache ShardingSphere ElasticJob-UI allows RCE via event trace data source JDBC
The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by constructing a special JDBC URL of H2 database. This issue affects Apache ShardingSphere ElasticJob-UI version 3.0.1 and prior versions. This vulnerability has been fixed in ElasticJob-UI 3.0.2. The premise of...
CVE-2022-31764
The CVE describes an RCE in Apache ShardingSphere ElasticJob-UI Lite UI, exploitable by constructing a special H2 JDBC URL. Affected versions are 3.0.1 and earlier; ElasticJob-UI 3.0.2 fixes the issue. The attack premise requires the attacker to have obtained the account credentials; without them...