No
Yes
30
If you are using Apache Druid, it is better to check your system if any vulnerability exists.
Apache Druid is a column-oriented open source distributed data storage written in Java, designed to quickly obtain large amounts of event data and provide low-latency queries on the data.
Apache Druid lacks authorization and authentication by default. Attackers can send specially crafted requests to execute arbitrary code with the privileges of processes on the Druid server.
Affected versions:
Update your Apache Druid to the latest version to eliminate this vulnerability.