Lucene search
K

4 matches found

Circl
Circl
added 2024/07/15 10:59 a.m.4 views

CVE-2023-49566

creationtimestamp| type| source ---|---|--- 2024-07-15 10:59:35+00:00| seen| https://t.me/cvedetector/854...

8.8CVSS4.8AI score0.00845EPSS
Exploits0References1
NVD
NVD
added 2024/07/15 8:15 a.m.37 views

CVE-2023-49566

In Apache Linkis =1.5.0, due to the lack of effective filtering of parameters, an attacker configuring malicious db2 parameters in the DataSource Manager Module will result in jndi injection. Therefore, the parameters in the DB2 URL should be blacklisted. This attack requires the attacker to...

8.8CVSS0.00845EPSS
Exploits0References2
CVE
CVE
added 2024/07/15 7:56 a.m.73 views

CVE-2023-49566

CVE-2023-49566 affects Apache Linkis 1.5.0 and earlier, specifically the DataSource Manager Module where DB2 URL parameters can be crafted to trigger a JNDI injection due to insufficient filtering. The attack requires an attacker with an authorized Linkis account and can enable exploitation throu...

8.8CVSS8.8AI score0.00845EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/07/15 7:56 a.m.25 views

CVE-2023-49566 Apache Linkis DataSource: JDBC Datasource Module with DB2 has JNDI Injection vulnerability

In Apache Linkis =1.5.0, due to the lack of effective filtering of parameters, an attacker configuring malicious db2 parameters in the DataSource Manager Module will result in jndi injection. Therefore, the parameters in the DB2 URL should be blacklisted. This attack requires the attacker to...

8.8CVSS7.1AI score0.00845EPSS
Exploits0References5
Rows per page
Query Builder