Diagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
Users of Kylin 2.x & Kylin 3.x & 4.x should upgrade to 4.0.3 or apply patch https://github.com/apache/kylin/pull/2011 https://github.com/apache/kylin/pull/2011
References
History
Fri, 11 Apr 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2025-04-11T14:45:20.170Z
Reserved: 2022-11-02T11:04:02.229Z
Link: CVE-2022-44621

Updated: 2024-08-03T13:54:03.982Z

Status : Modified
Published: 2022-12-30T11:15:10.467
Modified: 2025-04-11T15:15:40.140
Link: CVE-2022-44621

No data.

No data.