CVE-2020-13922
N/A
N/A
Summary
Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apache Software Foundation | Apache DolphinScheduler | Apache DolphinScheduler < 1.3.2 | affected |
Weaknesses
- CWE-264: CWE-264 Permissions, Privileges, and Access Controls
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.