Arbitrary Code Execution Vulnerability in Apache Storm
CVE-2018-1331 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 through 1.1.2, and 1.2.0 through 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different user.
Learn more about our Cis Benchmark Audit For Apache Http Server.