Lucene search
Veracode Vulnerability DatabaseVERACODE:33559HistoryJan 07, 2022 - 2:15 p.m.
Command Injection
2022-01-0714:15:32
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.084 Low
EPSS
Percentile
94.5%
org.apache.kylin:kylin-core-common is vulnerable to command injection. A remote attacker is able to pass an illegal project name due to a mismatch between what is being checked and what is being used as the shell command argument in DiagnosisService resulting in arbitrary command injection.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache kylin - core common | eq | 4.0.0 | |
| apache kylin - core common | eq | 4.0.0 |
Related
cve
cve
CVE-2021-45456
2022-01-06 13:15:08
nvd
nvd
CVE-2021-45456
2022-01-06 13:15:08
osv
osv
CVE-2021-45456
2022-01-06 13:15:08
Command Injection in Apache Kylin
2022-01-08 00:42:59
cnvd
cnvd
Apache Kylin OS Command Injection Vulnerability
2022-01-07 00:00:00
prion
prion
Command injection
2022-01-06 13:15:00
cvelist
cvelist
CVE-2021-45456 Command injection
2022-01-06 12:35:21
github
github
Command Injection in Apache Kylin
2022-01-08 00:42:59