N/A

CVSS Score

Basic Information

CVE ID

CVE-2024-43166

GHSA ID

GHSA-rrpj-r8h7-rm7r

EPSS Score

0.02156%

CWE

CWE-276

Published

9/3/2025

Updated

9/3/2025

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-43166

CVE-2024-43166: Apache DolphinScheduler Incorrect Default Permissions Vulnerability

Incorrect Default Permissions vulnerability in Apache DolphinScheduler.

This issue affects Apache DolphinScheduler: before 3.2.2.

Users are recommended to upgrade to version 3.3.1, which fixes the issue.

(GitHub Advisory)

N/A

CVSS Score

Basic Information

CVE ID

CVE-2024-43166

GHSA ID

GHSA-rrpj-r8h7-rm7r

EPSS Score

0.02156%

CWE

CWE-276

Published

9/3/2025

Updated

9/3/2025

KEV Status

Technology

Java

Technical Details

CVSS Vector

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.dolphinscheduler:dolphinscheduler	maven	< 3.3.1	3.3.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

In*orr**t ****ult P*rmissions vuln*r**ility in *p**** *olp*inS****ul*r. T*is issu* *****ts *p**** *olp*inS****ul*r: ***or* *.*.*. Us*rs *r* r**omm*n*** to up*r*** to v*rsion *.*.*, w*i** *ix*s t** issu*.

Reasoning

No *n*lysis *v*il**l*

N/A

Basic Information

Concerned about an active attack path?

CVE-2024-43166: Apache DolphinScheduler Incorrect Default Permissions Vulnerability

N/A

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI