Lucene search
ApacheCVELIST:CVE-2023-43666HistoryOct 16, 2023 - 8:08 a.m.
CVE-2023-43666 Apache InLong: General user Unauthorized access User Management
2023-10-1608:08:10
CWE-345
apache
www.cve.org
2
apache inlong
data authenticity
user management
unauthorized access
upgrade
EPSS
0.001
Percentile
28.4%
Insufficient Verification of Data Authenticity vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0,
General user can view all user data like Admin account.
Users are advised to upgrade to Apache InLong’s 1.9.0 or cherry-pick [1] to solve it.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache InLong",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.8.0",
"status": "affected",
"version": "1.4.0",
"versionType": "semver"
}
]
}
]Related
github
github
Insufficient Verification of Data Authenticity in Apache InLong
2023-10-16 09:30:19
nvd
nvd
CVE-2023-43666
2023-10-16 09:15:10
prion
prion
Design/Logic Flaw
2023-10-16 09:15:00
cve
cve
CVE-2023-43666
2023-10-16 09:15:10
osv
osv
Insufficient Verification of Data Authenticity in Apache InLong
2023-10-16 09:30:19
cnvd
cnvd
Apache InLong Data Forgery Issue Vulnerability
2023-10-19 00:00:00
veracode
veracode
Information Disclosure
2023-10-17 20:09:15
vulnrichment
vulnrichment