Lucene search
Veracode Vulnerability DatabaseVERACODE:33535HistoryJan 07, 2022 - 2:31 a.m.
Server-Side Request Forgery (SSRF)
2022-01-0702:31:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.002 Low
EPSS
Percentile
54.2%
Apache Kylin is vulnerable to privilege escalation. The vulnerability exists due to the lack of validation of the host name via the request mappings in StreamingCoordinatorController.java handling /kylin/api/streaming_coordinator/* REST API endpoints allowing an attacker to issue arbitrary requests.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache kylin - stream core | le | 3.1.1 | |
| apache kylin - stream core | le | 3.1.1 |
Related
osv
osv
Server-Side Request Forgery in Apache Kylin
2022-01-08 00:43:04
CVE-2021-27738
2022-01-06 13:15:07
cve
cve
CVE-2021-27738
2022-01-06 13:15:07
nvd
nvd
CVE-2021-27738
2022-01-06 13:15:07
github
github
Server-Side Request Forgery in Apache Kylin
2022-01-08 00:43:04
cnvd
cnvd
Apache Kylin server-side request forgery vulnerability
2022-01-08 00:00:00
prion
prion
Server side request forgery (ssrf)
2022-01-06 13:15:00
cvelist
cvelist
CVE-2021-27738 Improper Access Control to Streaming Coordinator & SSRF
2022-01-06 12:35:17