CVE-2022-44621
published 2022-12-30CVE-2022-44621: Diagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Diagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | kylin | < 4.0.3 | 4.0.3 |
| apache_software_foundation | apache_kylin | Apache Kylin 4 – 4.0.2 | — |