Lucene search
China National Vulnerability DatabaseCNVD-2024-01018HistoryDec 25, 2023 - 12:00 a.m.
Apache IoTDB Deserialization Vulnerability
2023-12-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
apache
iotdb
deserialization
vulnerability
data management
time-series
exploitation
arbitrary code
attack
system
Apache IoTDB is an integrated data management engine designed for time-series data from the Apache (USA) Foundation, which provides data collection, storage, and analysis services, among other things. A deserialization vulnerability exists in Apache IoTDB versions 0.13.0 through 0.13.4, which can be exploited by an attacker to execute arbitrary code on a system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache iotdb >=0.13.0, | le | 0.13.4 |
Related
cve
cve
CVE-2023-51656
2023-12-21 12:15:08
prion
prion
Deserialization of untrusted data
2023-12-21 12:15:00
veracode
veracode
Deserialization Of Untrusted Data
2023-12-22 05:54:39
osv
osv
Apache IoTDB: Unsafe deserialize map in Sync Tool
2023-12-21 12:30:29
github
github
Apache IoTDB: Unsafe deserialize map in Sync Tool
2023-12-21 12:30:29
cvelist
cvelist
CVE-2023-51656 Apache IoTDB: Unsafe deserialize map in Sync Tool
2023-12-21 11:47:57
nvd
nvd
CVE-2023-51656
2023-12-21 12:15:08