Enhancement: cves/2021/CVE-2021-25646.yaml by mp

2022-06-27 14:31:38 -04:00 · 2022-06-27 14:31:38 -04:00 · 38bbb06150
parent 0c626f3197
commit 38bbb06150
1 changed files with 1 additions and 1 deletions
--- a/cves/2021/CVE-2021-25646.yaml
+++ b/cves/2021/CVE-2021-25646.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: high
  description: |
-    Apache Druid is susceptible to remote code execution because it lacks authorization and authentication by default. Attackers can send specially crafted requests to execute arbitrary code with the privileges of processes on the Druid server.
+    Apache Druid is susceptible to remote code execution because by default it lacks authorization and authentication. Attackers can send specially crafted requests to execute arbitrary code with the privileges of processes on the Druid server.
  reference:
    - https://paper.seebug.org/1476/
    - https://lists.apache.org/thread.html/rfda8a3aa6ac06a80c5cbfdeae0fc85f88a5984e32ea05e6dda46f866%40%3Cdev.druid.apache.org%3E