"Critical Netflix Genie Bug Opens Big Data Orchestration to RCE"

A critical vulnerability in the open source version of Netflix's Genie job orchestration engine enables remote attackers to execute arbitrary code on systems running affected versions of the software. The bug has a near-max critical score of 9.9 out of 10 on the CVSS vulnerability severity scale. It attacks organizations that run their own Genie OSS instance, uploading and storing user-submitted file attachments via the underlying local file system. Genie enables organizations to orchestrate, run, and monitor various big data jobs and workflows across different frameworks and distributed computational clusters. This article continues to discuss the potential exploitation and impact of the critical Netflix Genie bug.

Dark Reading reports "Critical Netflix Genie Bug Opens Big Data Orchestration to RCE"

Submitted by grigby1

Submitted by Gregory Rigby on