oss-sec mailing list archives
CVE-2023-24829: Apache IoTDB: apache/iotdb-web-workbench: forge the JWTToken to access workbench
From: Jialin Qiao <qiaojialin () apache org>
Date: Mon, 30 Jan 2023 15:41:45 +0000
Description: Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB iotdb-web-workbench.This issue affects users' access to the system without authorization. This CVE is fixed in iotdb-web-workbench tag v0.13.3. References: https://iotdb.apache.org/ https://iotdb.apache.org https://www.cve.org/CVERecord?id=CVE-2023-24829
Current thread:
- CVE-2023-24829: Apache IoTDB: apache/iotdb-web-workbench: forge the JWTToken to access workbench Jialin Qiao (Jan 30)