31 Jan 2023
Vulnérabilité CVE-2022-44644 CVE Vulnerability
In Apache Linkis <=1.3.0 when used with the MySQL Connector/J, an authenticated attacker could read arbitrary local file by connecting a rogue mysql server, By adding allowLoadLocalInfile to true in the jdbc parameter. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3 (CVSS:0.0) (Last Update:2023-01-31)
Vulnerability Details : In Apache Linkis <=1.3.0 when used with the MySQL Connector/J, an authenticated attacker could read arbitrary local file by connecting a rogue mysql server, By adding allowLoadLocalInfile to true in the jdbc parameter. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3 Publish Date : 2023-01-31 Last Update Date : 2023-01-31 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2022-44644
- References For CVE-2022-44644
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2022-44644There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |