Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-69472
HistorySep 16, 2022 - 12:00 a.m.

Apache IoTDB Licensing Issue Vulnerability (CNVD-2022-69472)

2022-09-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
apache
iotdb
authorization
vulnerability
remote attacker
authentication
data management

0.016 Low

EPSS

Percentile

87.6%

JSON

Apache IoTDB is an integrated data management engine designed for time-series data from the Apache Foundation that provides data collection, storage, and analysis services, etc. An authorization issue vulnerability exists in Apache IoTDB version 0.13.0, which stems from vulnerability to session id attacks. A remote attacker could use the vulnerability to bypass the authentication process and take over the accounts of other Web application users in certain situations.

CPENameOperatorVersion
apache iotdbeq0.13.0

Related

cve 1
veracode 1
nvd 1
github 1
cvelist 1
osv 1
prion 1
cve
cve
CVE-2022-38369
2022-09-05 10:15:09
veracode
veracode
Insecure Session Management
2022-09-06 11:15:15
nvd
nvd
CVE-2022-38369
2022-09-05 10:15:09
github
github
Apache IoTDB Session Fixation vulnerability
2022-09-06 00:00:27
cvelist
cvelist
CVE-2022-38369 Login check vulnerability by session Id
2022-09-05 09:50:09
osv
osv
Apache IoTDB Session Fixation vulnerability
2022-09-06 00:00:27
prion
prion
Session fixation
2022-09-05 10:15:00

0.016 Low

EPSS

Percentile

87.6%

JSON
Related for CNVD-2022-69472
cve1veracode1nvd1github1cvelist1osv1prion1