CVE-2024-36264

2024-06-1214:15:11

CWE-287

[email protected]

web.nvd.nist.gov

cve-2024-36264

improper authentication

apache submarine

commons utils

retired project

limited support

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

JSON

UNSUPPORTED WHEN ASSIGNED Improper Authentication vulnerability in Apache Submarine Commons Utils.

This issue affects Apache Submarine Commons Utils: from 0.8.0.

As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.

NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Affected configurations

Vulners

Node

apachesubmarineRange≤0.8.0

CNA Affected

[
  {
    "collectionURL": "https://repo.maven.apache.org/maven2",
    "defaultStatus": "unaffected",
    "packageName": "org.apache.submarine:submarine-commons-utils",
    "product": "Apache Submarine Commons Utils",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThanOrEqual": "*",
        "status": "affected",
        "version": "0.8.0",
        "versionType": "semver"
      }
    ]
  }
]