Lucene search
ApacheCVELIST:CVE-2023-34189HistoryJul 25, 2023 - 7:08 a.m.
CVE-2023-34189 Apache InLong: General user can delete and update process
2023-07-2507:08:53
CWE-668
apache
www.cve.org
6
cve-2023-34189
apache inlong
resource exposure
wrong sphere vulnerability
apache software foundation
security update
EPSS
0.001
Percentile
45.1%
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences.
Users are advised to upgrade to Apache InLongβs 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8109 Β to solve it.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache InLong",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.7.0",
"status": "affected",
"version": "1.4.0",
"versionType": "semver"
}
]
}
]Related
osv
osv
Apache InLong: General user can delete and update process
2023-07-25 09:30:17
CVE-2023-34189
2023-07-25 08:15:10
veracode
veracode
Exposure Of Resources To Wrong Sphere
2023-07-26 02:13:22
nvd
nvd
CVE-2023-34189
2023-07-25 08:15:10
prion
prion
Design/Logic Flaw
2023-07-25 08:15:00
cve
cve
CVE-2023-34189
2023-07-25 08:15:10
github
github
Apache InLong: General user can delete and update process
2023-07-25 09:30:17