Vulnerability Details CVE-2021-28656
Cross-Site Request Forgery (CSRF) vulnerability in Credential page of Apache Zeppelin allows an attacker to submit malicious request. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.4%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2021-28656
-
cpe:2.3:a:apache:zeppelin:0.5.0
-
cpe:2.3:a:apache:zeppelin:0.5.5
-
cpe:2.3:a:apache:zeppelin:0.5.6
-
cpe:2.3:a:apache:zeppelin:0.6.0
-
cpe:2.3:a:apache:zeppelin:0.6.1
-
cpe:2.3:a:apache:zeppelin:0.6.2
-
cpe:2.3:a:apache:zeppelin:0.7.0
-
cpe:2.3:a:apache:zeppelin:0.7.1
-
cpe:2.3:a:apache:zeppelin:0.7.2
-
cpe:2.3:a:apache:zeppelin:0.7.3
-
cpe:2.3:a:apache:zeppelin:0.8.0
-
cpe:2.3:a:apache:zeppelin:0.8.1
-
cpe:2.3:a:apache:zeppelin:0.8.2
-
cpe:2.3:a:apache:zeppelin:0.9.0