- Description
- The improper Input Validation vulnerability in "”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.
- Source
- security@apache.org
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 2.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
- Severity
- MEDIUM
- security@apache.org
- CWE-20
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:zeppelin:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26319B3A-B658-40AE-83DA-62FEDEA6D002",
"versionEndIncluding": "0.9.0"
}
],
"operator": "OR"
}
]
}
]