Published on: Not Yet Published
Last Modified on: 11/30/2022 08:35:00 PM UTC
When using tasks to read config files, there is a risk of database password disclosure. We recommend you upgrade to version 2.0.6 or higher.
- CVE-2022-26885 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
- Affected Vendor/Software: Apache Software Foundation - Apache DolphinScheduler version < 2.0.6
CVSS3 Score: 7.5 - HIGH
|No Description Provided|| lists.apache.org |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
No vendor comments have been submitted for this CVE
|@oss_security||CVE-2022-26885: Apache DolphinScheduler config file read by task risk: Posted by ShunFeng Cai on Nov 24Severity: im… twitter.com/i/web/status/1…||2022-11-24 14:31:32|
|@CVEreport||CVE-2022-26885 : When using tasks to read config files, there is a risk of database password disclosure. We recom… twitter.com/i/web/status/1…||2022-11-24 15:55:53|