Lucene search
+L

5 matches found

nvd
nvd
added 2025/02/06 3:15 p.m.35 views

CVE-2022-31764

The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by constructing a special JDBC URL of H2 database. This issue affects Apache ShardingSphere ElasticJob-UI version 3.0.1 and prior versions. This vulnerability has been fixed in ElasticJob-UI 3.0.2. The premise of...

8.5CVSS0.00671EPSS
Exploits0References1
circl
circl
added 2025/02/06 2:29 p.m.22 views

CVE-2022-31764

creationtimestamp| type| source ---|---|--- 2025-02-06 14:29:15+00:00| seen| https://infosec.exchange/users/cve/statuses/113957414797440247 2025-02-06 15:15:40+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhjevk3qka2c 2025-02-06 17:44:18+00:00| seen|...

8.5CVSS5.8AI score0.00671EPSS
Exploits0References5
cvelist
cvelist
added 2025/02/06 2:23 p.m.38 views

CVE-2022-31764 Apache ShardingSphere ElasticJob-UI allows RCE via event trace data source JDBC

The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by constructing a special JDBC URL of H2 database. This issue affects Apache ShardingSphere ElasticJob-UI version 3.0.1 and prior versions. This vulnerability has been fixed in ElasticJob-UI 3.0.2. The premise of...

0.00671EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/02/06 2:23 p.m.8 views

CVE-2022-31764 Apache ShardingSphere ElasticJob-UI allows RCE via event trace data source JDBC

The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by constructing a special JDBC URL of H2 database. This issue affects Apache ShardingSphere ElasticJob-UI version 3.0.1 and prior versions. This vulnerability has been fixed in ElasticJob-UI 3.0.2. The premise of...

6.8AI score0.00671EPSS
Exploits0References1
cve
cve
added 2025/02/06 2:23 p.m.72 views

CVE-2022-31764

The CVE describes an RCE in Apache ShardingSphere ElasticJob-UI Lite UI, exploitable by constructing a special H2 JDBC URL. Affected versions are 3.0.1 and earlier; ElasticJob-UI 3.0.2 fixes the issue. The attack premise requires the attacker to have obtained the account credentials; without them...

8.5CVSS6.5AI score0.00671EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder