Lucene search
China National Vulnerability DatabaseCNVD-2023-80564HistoryJul 14, 2023 - 12:00 a.m.
Apache Pulsar Authorization Issues Vulnerability
2023-07-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
15
apache pulsar
authorization
vulnerability
privilege management
unauthorized message generation
cloud environment
distributed message flow
http header
security issue
Apache Pulsar is the United States Apache (Apache) Foundation for cloud environments, set of messages, storage, lightweight functional computing as one of the distributed message flow platform. The software supports multi-tenant, persistent storage, multi-machine room cross-region data replication, with strong consistency, high throughput and low latency highly scalable streaming data storage characteristics. An authorization issue vulnerability exists in Apache Pulsar, which stems from improper privilege management in the program, and can be exploited by an authenticated attacker with a custom HTTP header to generate messages to any topic using the agent’s administrative role.
Related
prion
prion
Authorization
2023-07-12 10:15:00
cvelist
cvelist
cve
cve
CVE-2023-30428
2023-07-12 10:15:09
github
github
Apache Pulsar Broker's Rest Producer vulnerable to Incorrect Authorization
2023-07-12 12:31:36
osv
osv
Apache Pulsar Broker's Rest Producer vulnerable to Incorrect Authorization
2023-07-12 12:31:36
CVE-2023-30428
2023-07-12 10:15:09
veracode
veracode
Incorrect Authorization
2023-07-14 06:07:38
nvd
nvd
CVE-2023-30428
2023-07-12 10:15:09
