Lucene search
ApacheCVELIST:CVE-2022-38370HistorySep 05, 2022 - 9:50 a.m.
CVE-2022-38370 No authorization of DatabaseConnectController in grafana-connector.
2022-09-0509:50:10
apache
www.cve.org
vulnerability
apache iotdb
grafana-connector
upgrade
authorization
0.001 Low
EPSS
Percentile
47.6%
Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue.
CNA Affected
[
{
"product": "Apache IoTDB",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "0.13.0"
}
]
}
]Related
github
github
Apache IoTDB grafana-connector contains an interface without authorization
2022-09-06 00:00:27
cnvd
cnvd
Apache IoTDB Access Control Error Vulnerability
2022-09-07 00:00:00
cve
cve
CVE-2022-38370
2022-09-05 10:15:09
osv
osv
Apache IoTDB grafana-connector contains an interface without authorization
2022-09-06 00:00:27
veracode
veracode
Authorization Bypass
2022-09-06 03:54:14
nvd
nvd
CVE-2022-38370
2022-09-05 10:15:09
prion
prion
Authorization
2022-09-05 10:15:00