Apache Storm Vulnérabilités

Chronologie

Version

1.2.07
1.2.17
1.2.24
1.0.04
1.0.14

Contre-mesures

Official Fix5
Temporary Fix0
Workaround0
Unavailable0
Not Defined6

Exploitabilité

High0
Functional0
Proof-of-Concept0
Unproven0
Not Defined11

Vecteur d'accès

Not Defined0
Physical0
Local2
Adjacent0
Network9

Authentification

Not Defined0
High0
Low5
None6

Interaction de l'utilisateur

Not Defined0
Required2
None9

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤40
≤51
≤62
≤74
≤82
≤92
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤40
≤51
≤64
≤72
≤82
≤92
≤100

VulDB

≤10
≤20
≤30
≤41
≤50
≤64
≤74
≤82
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤62
≤71
≤82
≤92
≤102

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Fournisseur

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 jour

<1k0
<2k0
<5k1
<10k4
<25k6
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k3
<2k2
<5k3
<10k2
<25k1
<50k0
<100k0
≥100k0

Exploiter le volume du marché

🔴 CTI Activités

Affected Versions (24): 0.1, 0.9.0.1, 0.10.1, 0.10.2, 1, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.1, 1.1.1, 1.1.2, 1.2, 1.2.1, 1.2.2, 1.2.3, 2.0, 2.1, 2.2, 2.3, 2.4, 2.5

Link to Product Website: https://www.apache.org/

PubliéBaseTempVulnérabilité0dayAujourd'huiExpConCTICVE
23/11/20234.44.3Apache Storm TopologySpoutLag.java File.createTempFile divulgation de l'information$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2023-43123
25/10/20216.36.0Apache Storm Worker elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-40865
25/10/20216.36.0Apache Storm Nimbus Server getTopologyHistory elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-38294
26/07/20196.46.4Apache Storm Logviewer Daemon Log divulgation de l'information$5k-$25k$0-$5kNot DefinedNot Defined0.00CVE-2019-0202
26/07/20198.58.5Apache Storm UI Daemon elévation de privilèges$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2018-11779
10/07/20187.57.5Apache Storm Cluster elévation de privilèges$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2018-1331
05/06/20185.45.4Apache Storm Archive directory traversal$5k-$25k$0-$5kNot DefinedNot Defined0.00CVE-2018-8008
05/06/20185.95.9Apache Storm Daemon divulgation de l'information$5k-$25k$0-$5kNot DefinedNot Defined0.04CVE-2018-1332
30/10/20176.46.4Apache Storm Log Viewer directory traversal$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2014-0115
09/08/20177.57.2Apache Storm Worker elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2017-9799

1 plus d'entrées ne sont pas affichées

🔒 Login Required

You need to signup and login to see more of the remaining 1 results.

plus d'entrées par Apache

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!