org.apache.iotdb:iotdb-server is vulnerable to Improper Authentication. A remote attacker is able to bypass authorization due to improper checks in the onConnect
function of PublishHandler.java
.
CPE | Name | Operator | Version |
---|---|---|---|
iotdb server | le | 0.13.2 | |
iotdb: core: data-node (server) | le | 0.13.2 |