Lucene search
ApacheCVELIST:CVE-2023-24831HistoryApr 17, 2023 - 6:42 a.m.
CVE-2023-24831 Apache IoTDB grafana-connector Login Bypass Vulnerability
2023-04-1706:42:06
CWE-287
apache
www.cve.org
apache iotdb
grafana connector
login bypass
vulnerability
cve-2023-24831
fixed
Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3.
Attackers could login without authorization. This is fixed in 0.13.4.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache IoTDB",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "0.13.3",
"status": "affected",
"version": "0.13.0",
"versionType": "semver"
}
]
}
]Related
cve
cve
CVE-2023-24831
2023-04-17 07:15:07
osv
osv
Apache IoTDB Grafana Connector vulnerable to Improper Authentication
2023-04-17 09:30:24
PYSEC-2023-7
2023-04-17 07:15:00
prion
prion
Authentication flaw
2023-04-17 07:15:00
nvd
nvd
CVE-2023-24831
2023-04-17 07:15:07
veracode
veracode
Authentication Bypass
2023-04-19 10:34:36
github
github
Apache IoTDB Grafana Connector vulnerable to Improper Authentication
2023-04-17 09:30:24