OpenTSDB.CVE-2020-35476.Remote.Code.Injection
Description
This indicates an attack attempt to exploit a Command Injection vulnerability in OpenTSDB.
The vulnerability is due to improper validation of user-supplied parameters. A remote attacker can exploit this to execute arbitrary commands via a crafted request.
Affected Products
OpenTSDB version 2.4.0 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/OpenTSDB/opentsdb/issues/2051
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |