Apache Nifi Vulnérabilités

Chronologie

Version

1.014
1.114
1.213
1.311
1.410

Contre-mesures

Official Fix18
Temporary Fix0
Workaround1
Unavailable0
Not Defined18

Exploitabilité

High0
Functional0
Proof-of-Concept0
Unproven0
Not Defined37

Vecteur d'accès

Not Defined0
Physical0
Local5
Adjacent6
Network26

Authentification

Not Defined0
High2
Low16
None19

Interaction de l'utilisateur

Not Defined0
Required7
None30

C3BM Index

L'année dernière

CVSSv3 Base

≤10
≤20
≤30
≤42
≤54
≤614
≤78
≤87
≤92
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤42
≤55
≤613
≤78
≤87
≤92
≤100

VulDB

≤10
≤20
≤31
≤46
≤58
≤612
≤73
≤87
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤51
≤66
≤78
≤811
≤93
≤103

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤81
≤90
≤100

Fournisseur

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 jour

<1k0
<2k0
<5k7
<10k15
<25k15
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k12
<2k6
<5k6
<10k12
<25k1
<50k0
<100k0
≥100k0

Exploiter le volume du marché

L'année dernière

🔴 CTI Activités

Affected Versions (45): 0.1, 0.2, 0.3, 0.4, 0.5, 0.7, 0.7.1, 0.7.2, 0.7.3, 0.13, 1.0, 1.1, 1.1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.9.1, 1.9.2, 1.9.3, 1.10, 1.11, 1.11.1, 1.11.2, 1.11.3, 1.11.4, 1.12, 1.13, 1.14, 1.15, 1.16, 1.17, 1.18, 1.19, 1.19.1, 1.20, 1.21, 1.22, 1.23, 1.23.1, 1.23.2

Link to Product Website: https://www.apache.org/

PubliéBaseTempVulnérabilité0dayAujourd'huiExpConCTICVE
28/11/20235.65.6Apache NiFi JoltTransformJSON Processor transformjson.controller.js TransformJsonController cross site scripting$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-49145
03/09/20234.84.7Apache NiFi MiNiFi C++ Peer Verification authentification faible$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-41180
19/08/20236.05.9Apache NiFi URL Validator elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-40037
29/07/20237.57.4Apache NiFi Remote Resource elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-36542
12/06/20236.76.6Apache NiFi DBCPConnectionPool/HikariCPConnectionPool elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2023-34468
12/06/20235.65.5Apache NiFi elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-34212
10/02/20236.56.5Apache NiFi ExtractCCDAAttributes Processor XML External Entity$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2023-22832
15/06/20224.64.5Apache NiFi/NiFi Registry ShellUserGroupProvider elévation de privilèges$5k-$25k$5k-$25kNot DefinedWorkaround0.02CVE-2022-33140
30/04/20225.55.3Apache NiFi Standard Content Viewer Service XML External Entity$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-29265
07/04/20224.34.1Apache NiFi Login Credential Update elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2022-26850

27 plus d'entrées ne sont pas affichées

🔒 Login Required

You need to signup and login to see more of the remaining 27 results.

plus d'entrées par Apache

PrécédentAperçuSuivant

Might our Artificial Intelligence support you?

Check our Alexa App!