Immudb is a database with built-in cryptographic proof and authentication. codenotary immudb versions prior to 1.4.1 are vulnerable to a data forgery issue, which stems from the fact that the client SDK does not validate the UUID and can accept any value reported by the server, and an attacker can use the vulnerability to trick the client into treating the modified UUID as a different server.
CPE | Name | Operator | Version |
---|---|---|---|
codenotary immudb | lt | 1.4.1 |