CVE-2022-43396 - OpenCVE

In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can control the command by controlling the kylin.engine.spark-cmd parameter of conf.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache	Kylin

Configuration 1 [-]

cpe:2.3:a:apache:kylin:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://lists.apache.org/thread/ob2ks04zl5ms0r44cd74y1xdl1rzfd1r

History

No history.

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2022-12-30T10:30:45.627Z

Updated: 2024-08-03T13:32:59.631Z

Reserved: 2022-10-18T08:30:30.500Z

Link: CVE-2022-43396

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-12-30T11:15:10.407

Modified: 2023-11-07T03:53:46.973

Link: CVE-2022-43396

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-43396", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2022-10-18T08:30:30.500Z", "datePublished": "2022-12-30T10:30:45.627Z", "dateUpdated": "2024-08-03T13:32:59.631Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache Kylin", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "4.0.2", "status": "affected", "version": "Apache Kylin 4", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Yasax1 Li <pp1ove.lit@gmail.com>"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can control the command by controlling the kylin.engine.spark-cmd parameter of conf."}], "value": "In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can control the command by controlling the\u00a0kylin.engine.spark-cmd\u00a0parameter of conf."}], "metrics": [{"other": {"content": {"text": "important"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"description": "Command injection", "lang": "en"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2022-12-30T10:30:45.627Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/ob2ks04zl5ms0r44cd74y1xdl1rzfd1r"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache Kylin: Command injection by Useless configuration", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Users of Kylin 2.x & Kylin 3.x & 4.x should upgrade to 4.0.3 or apply patch <a target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/apache/kylin/pull/2011\">https://github.com/apache/kylin/pull/2011</a><br>"}], "value": "Users of Kylin 2.x & Kylin 3.x & 4.x should upgrade to 4.0.3 or apply patch\u00a0 https://github.com/apache/kylin/pull/2011 https://github.com/apache/kylin/pull/2011 \n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:32:59.631Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.apache.org/thread/ob2ks04zl5ms0r44cd74y1xdl1rzfd1r"}]}]}}