Lucene search
Veracode Vulnerability DatabaseVERACODE:5740HistoryJan 24, 2018 - 3:06 a.m.
Remote Code Execution (RCE)
2018-01-2403:06:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.009 Low
EPSS
Percentile
82.3%
nifi-commons is vulnerable to remote code execution (RCE) attacks. Attackers can use a X-ProxyContextPath or X-Forwarded-Context header to send and execute malicious code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| nifi-commons | le | 1.4.0 | |
| nifi-jetty | le | 1.4.0 | |
| nifi-websocket-services-jetty | le | 1.4.0 | |
| nifi-standard-processors | le | 1.4.0 | |
| nifi-web-utils | le | 1.4.0 | |
| nifi-properties | le | 1.4.0 |
Related
osv
osv
CVE-2017-15697
2018-01-23 22:29:00
Apache NiFi XSS issue in context path handling
2022-05-14 03:45:22
nvd
nvd
CVE-2017-15697
2018-01-23 22:29:00
prion
prion
Remote code execution
2018-01-23 22:29:00
cvelist
cvelist
CVE-2017-15697
2018-01-12 00:00:00
cve
cve
CVE-2017-15697
2018-01-23 22:29:00
github
github
Apache NiFi XSS issue in context path handling
2022-05-14 03:45:22