Описание
OpenTSDB vulnerable to OS Command Injection
An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.
Пакеты
Наименование
net.opentsdb:opentsdb
maven
Затронутые версииВерсия исправления
<= 2.3.0
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
больше 7 лет назад
An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.