|
|
 |
Sonicwall Signatures
Go to All Categories list.
| | Apache Kylin spark-cmd Command Injection |
Category: WEB-ATTACKS
| In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can control the command by controlling the kylin.engine.spark-cmd parameter of conf. |
|
|
|
