Lucene search
ApacheCVELIST:CVE-2024-36265HistoryJun 12, 2024 - 2:12 p.m.
CVE-2024-36265 Apache Submarine Server Core: authorization bypass
2024-06-1214:12:11
CWE-863
apache
www.cve.org
1
cve-2024-36265
apache submarine server core
authorization bypass
vulnerability
retired project
unsupported
0.8.0
maintainer
restricted access
0.0004 Low
EPSS
Percentile
9.1%
UNSUPPORTED WHEN ASSIGNED Incorrect Authorization vulnerability in Apache Submarine Server Core.
This issue affects Apache Submarine Server Core: from 0.8.0.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CNA Affected
[
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.submarine:submarine-server-core",
"product": "Apache Submarine Server Core",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0.8.0",
"versionType": "semver"
}
]
}
]Related
nvd
nvd
CVE-2024-36265
2024-06-12 15:15:52
cve
cve
CVE-2024-36265
2024-06-12 15:15:52
github
github
Apache Submarine Server Core Incorrect Authorization vulnerability
2024-06-12 15:31:45
veracode
veracode
Incorrect Authorization
2024-06-13 05:08:55
osv
osv
Apache Submarine Server Core Incorrect Authorization vulnerability
2024-06-12 15:31:45
vulnrichment
vulnrichment
CVE-2024-36265 Apache Submarine Server Core: authorization bypass
2024-06-12 14:12:11