What is CVE-2024-30188?

CVE-2024-30188 is a vulnerability in Apache Software Foundation Dolphinscheduler, classified under Improper Input Validation. Published 2024-08-09.

Is CVE-2024-30188 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Apache Software Foundation Dolphinscheduler

CVE-2024-30188

File read and write vulnerability in Apache DolphinScheduler , authenticated users can illegally access additional resource files. This issue affects Apache DolphinScheduler: from 3.1.0 before 3.2.2. Users are recommended to upgrade to v…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.885 (99.5th percentile) — read the EPSS interpretation.

Affected products

Apache Software Foundation Dolphinscheduler — versions 3.1.0

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

References

lists.apache.org/thread/tbrt42mnr42bq6scxwt6bjr3s2pwyd07 (vendor-advisory)

Frequently asked questions

What is CVE-2024-30188?: CVE-2024-30188 is a vulnerability in Apache Software Foundation Dolphinscheduler, classified under Improper Input Validation. Published 2024-08-09.
Is CVE-2024-30188 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.