CVE-2018-12972

Published June 29th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.

OpenTSDB/opentsdb

A scalable, distributed Time Series Database.

GitHub

5.07K