Home

CVE-2017-7665

Description

In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain user input components in the UI which had been guarding for some forms of XSS issues but were insufficient.

Risk Information

Base Score
6.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.752

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2017-7667,CVE-2017-7665 are fixed in Apache-nifi-api 0.7.4Windows
Vulnerabilities CVE-2017-7667,CVE-2017-7665 are fixed in Apache-nifi-api 1.3.0Windows
Vulnerabilities CVE-2017-7667,CVE-2017-7665 are fixed in Apache-Nifi-api for Linux 0.7.4Linux
Vulnerabilities CVE-2017-7667,CVE-2017-7665 are fixed in Apache-Nifi-api for Linux 1.3.0Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234