Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistApacheCVELIST:CVE-2022-23942
HistoryApr 26, 2022 - 4:05 p.m.

CVE-2022-23942 Apache Doris hardcoded cryptography initialization

2022-04-2616:05:10
CWE-798
apache
www.cve.org
2
apache doris
prior to 1.0.0
hardcoded key
iv
cipher
ldap password
information disclosure

EPSS

0.001

Percentile

46.5%

JSON

Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure.

CNA Affected

[
  {
    "product": "Apache Doris(Incubating)",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "0.15.0"
      }
    ]
  }
]

Related

ubuntucve 1
prion 1
nvd 1
cve 1
ubuntucve
ubuntucve
CVE-2022-23942
2022-04-26 00:00:00
prion
prion
Information disclosure
2022-04-26 16:15:00
nvd
nvd
CVE-2022-23942
2022-04-26 16:15:47
cve
cve
CVE-2022-23942
2022-04-26 16:15:47

EPSS

0.001

Percentile

46.5%

JSON
Related for CVELIST:CVE-2022-23942
ubuntucve1prion1nvd1cve1