Cron Scheduler Vulnerability in Apache Zeppelin

Cron Scheduler Vulnerability in Apache Zeppelin

CVE-2018-1317 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication.

Learn more about our Cis Benchmark Audit For Apache Http Server.