Description

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.3 of iotdb-web-workbench onwards.

Related CPE's

a

apache

iotdb

Vulnerable

References

https://lists.apache.org/thread/l0b59hh046tyn4gqot0bdrpg8gxlksmo

Mailing ListVendor Advisory

https://lists.apache.org/thread/l0b59hh046tyn4gqot0bdrpg8gxlksmo

Mailing ListVendor Advisory

Weaknesses

[email protected]

Secondary
CWE-863

134c704f-9b21-4f2e-91b3-4a467353bcc0

Secondary
CWE-863

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-01-31T09:15:10.527Z

3 years ago

Last modified

2025-03-27T17:17:25.100Z

12 months ago