CVE-2020-13922

CVE-2020-13922: Apache DolphinScheduler (incubating) Permission vulnerability

Vendor Apache Software Foundation

Product Apache DolphinScheduler

Weakness CWE-264

Published January 11, 2021

Last update February 13, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface.

Key dates

02Disclosure timeline

January 11, 2021 CVE published

February 13, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-13922

Related vulnerabilities

04Related CVE

CVE-2019-1648 Cisco SD-WAN Solution Privilege Escalation Vulnerability CVE-2019-1621 Cisco Data Center Network Manager Arbitrary File Download Vulnerability CVE-2022-23708 CVE-2018-6674 Privilege escalation vulnerability in McAfee VSE when McTray run with elevated privileges CVE-2023-3599 SourceCodester Best Fee Management System Add User admin_class.php save_user access control