Apache Software Foundation Apache Shardingsphere Elasticjob-Ui vulnerabilities
2 known vulnerabilities affecting apache_software_foundation/apache_shardingsphere_elasticjob-ui.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-22733P3MEDIUMCVSS 6.5PoC≥ Apache ShardingSphere ElasticJob-UI 3.x, ≤ 3.0.02022-01-20
CVE-2022-22733 [MEDIUM] CWE-200 CVE-2022-22733: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache ShardingSphere El
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache ShardingSphere ElasticJob-UI allows an attacker who has guest account to do privilege escalation. This issue affects Apache ShardingSphere ElasticJob-UI Apache ShardingSphere ElasticJob-UI 3.x version 3.0.0 and prior versions.
nvd
CVE-2022-31764P3HIGHCVSS 8.5≥ 3.0.0, ≤ 3.0.12025-02-06
CVE-2022-31764 [HIGH] CWE-913 CVE-2022-31764: The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by constructing
The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by constructing a special JDBC URL of H2 database. This issue affects Apache ShardingSphere ElasticJob-UI version 3.0.1 and prior versions. This vulnerability has been fixed in ElasticJob-UI 3.0.2.
The premise of this attack is that the attacker has obtained the accou
nvd