EPSS
Percentile
62.2%
zeppelin-zengine is vulnerable to authentication bypass. The vulnerability exists as users could execute paragraphs as other users without authentication due to the value of cronExecutionUser.
cronExecutionUser
github.com/apache/zeppelin/commit/85282615681e895d477417e9f9b80efdb221bf2c
github.com/apache/zeppelin/pull/2914
issues.apache.org/jira/browse/ZEPPELIN-3350