CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
76.8%
org.apache.streampark:streampark is vulnerable to command injection due to insufficient input parameter validation, which allows attackers to insert malicious commands for execution. The risk level of this vulnerability is very low as it requires the user to log in with system-level permissions.