CVE-2023-30771 | THREATINT

Description

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component on 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.4 of iotdb-web-workbench onwards.

PUBLISHED Reserved 2023-04-16 | Published 2023-04-17 | Updated 2025-02-13 | Assigner apache

Problem types

CWE-863 Incorrect Authorization

Product status

Default status

unaffected

0.13.3 (custom) before 0.13.4

affected

References

lists.apache.org/thread/08nc3dr6lshfppx0pzmz5vbggdnzpojb vendor-advisory

www.openwall.com/lists/oss-security/2023/04/18/7

lists.apache.org/thread/08nc3dr6lshfppx0pzmz5vbggdnzpojb vendor-advisory

www.openwall.com/lists/oss-security/2023/04/18/7

cve.org (CVE-2023-30771)

nvd.nist.gov (CVE-2023-30771)

Download JSON