Primary

Context

Apache DolphinScheduler Incorrect Default Permissions Vulnerability

Vulnerability

Patched

A vulnerability allowing incorrect default permissions has been identified in Apache DolphinScheduler versions prior to 3.2.2. This issue could lead to unauthorized access or actions within the application. Users are advised to upgrade to version 3.3.1, which addresses this vulnerability.

Impact

Exploitation of this vulnerability could result in unauthorized access or actions within Apache DolphinScheduler, potentially leading to privilege escalation or manipulation of scheduled tasks.

Remediation

Users should upgrade to Apache DolphinScheduler version 3.3.1 or later.

Added: Sep 3, 2025, 10:20 AM

Updated: Sep 3, 2025, 4:26 PM

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

1.3

exploitability

5.2

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

1.3

exploitability

5.2

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apache DolphinScheduler Incorrect Default Permissions Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Apache DolphinScheduler

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating