Lucene search
Veracode Vulnerability DatabaseVERACODE:45064HistoryJan 16, 2024 - 6:14 a.m.
Remote Code Execution
2024-01-1606:14:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
apache iotdb
remote code execution
vulnerability
udf component
arbitrary code
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
71.4%
Apache IoTDB is vulnerable to Remote Code Execution. The vulnerability is due to the UDF component, which allows an attacker execute arbitrary code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache iotdb project parent pom | le | 1.2.2 | |
| apache iotdb project parent pom | le | 1.2.2 |
Related
nvd
nvd
CVE-2023-46226
2024-01-15 11:15:07
cve
cve
CVE-2023-46226
2024-01-15 11:15:07
osv
osv
Remote Code Execution vulnerability in Apache IoTDB via UDF
2024-01-15 12:30:19
PYSEC-2024-11
2024-01-15 11:15:00
github
github
Remote Code Execution vulnerability in Apache IoTDB via UDF
2024-01-15 12:30:19
prion
prion
Remote code execution
2024-01-15 11:15:00
cvelist
cvelist
CVE-2023-46226 Apache IoTDB: Remote Code Execution (RCE) risk via the UDF
2024-01-15 10:35:49
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
71.4%
Related for VERACODE:45064