CVE-2018-11789 is a vulnerability in Apache Heron
Published on March 21, 2019
When accessing the heron-ui webpage, people can modify the file paths outside of the current container to access any file on the host. Example woule be modifying the parameter path= to go to the directory you would like to view. i.e. ..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd.
Products Associated with CVE-2018-11789
Want to know whenever a new CVE is published for Apache Heron? stack.watch will email you.
Exploit Probability
EPSS
1.65%
Percentile
81.83%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.