CVE-2024-43166 | Apache DolphinScheduler up to 3.2.1 default permission

Inserito da Angelo Barbosa | Set 3, 2025 | CVE

A vulnerability has been found in Apache DolphinScheduler up to 3.2.1 and classified as critical. Affected by this vulnerability is an unknown functionality. Performing manipulation results in incorrect default permissions.

This vulnerability is identified as CVE-2024-43166. The attack can only be performed from the local network. There is not any exploit available.

The affected component should be upgraded.

CVE-2024-43166 | Apache DolphinScheduler up to 3.2.1 default permission

Post correlati

CVE-2025-33108 | IBM Backup Recovery and Media Services for i 7.4/7.5 unnecessary privileges (EUVD-2025-18318)

CVE-2024-3184 | EmbedThis GoAhead up to 6.0.0 Request null pointer dereference

CVE-2025-0918 | yaycommerce SMTP for SendGrid Plugin up to 1.3.1 on WordPress cross site scripting

CVE-2024-46869 | Linux Kernel up to 6.10.11/6.11.0 btintel_pcie allocation of resources (fa9e1c1b1f38/2b4545f08cc6/7ffaa2002518)