CVE-2024-36265

2024-06-1215:15:52

CWE-863

[email protected]

web.nvd.nist.gov

apache submarine server

incorrect authorization

vulnerability

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

UNSUPPORTED WHEN ASSIGNED Incorrect Authorization vulnerability in Apache Submarine Server Core.

This issue affects Apache Submarine Server Core: from 0.8.0.

As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.

NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Affected configurations

Vulners

Node

apachesubmarineRange≤0.8.0

CNA Affected

[
  {
    "collectionURL": "https://repo.maven.apache.org/maven2",
    "defaultStatus": "unaffected",
    "packageName": "org.apache.submarine:submarine-server-core",
    "product": "Apache Submarine Server Core",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThanOrEqual": "*",
        "status": "affected",
        "version": "0.8.0",
        "versionType": "semver"
      }
    ]
  }
]