[jira] [Created] (IMPALA-7859) Nessus Scan find CGI Generic SQL Injection.

Donghui Xu (JIRA) Thu, 15 Nov 2018 18:16:24 -0800

Donghui Xu created IMPALA-7859:
----------------------------------

             Summary: Nessus Scan find CGI Generic SQL Injection.
                 Key: IMPALA-7859
                 URL: https://issues.apache.org/jira/browse/IMPALA-7859
             Project: IMPALA
          Issue Type: Bug
          Components: Backend
    Affects Versions: Impala 2.10.0
            Reporter: Donghui Xu



The nessus scan report shows that the 25000 port and the 25020 port contain the 
risk of SQL injection, as follows:
+ The following resources may be vulnerable to blind SQL injection :
+ The 'object_type' parameter of the /catalog_object CGI :
/catalog_object?object_name=_impala_builtins&object_type=DATABASEzz_impa
la_builtins&object_type=DATABASEyy

How can I solve this problem? Thanks.




--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (IMPALA-7859) Nessus Scan find CGI Generic SQL Injection.

Reply via email to