Lucene search
GitHub Advisory DatabaseGHSA-RXGG-273W-RFW7HistoryJan 15, 2024 - 12:30 p.m.
Remote Code Execution vulnerability in Apache IoTDB via UDF
2024-01-1512:30:19
GitHub Advisory Database
github.com
5
remote code execution
apache iotdb
upgrade
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
71.4%
Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2.
Users are recommended to upgrade to version 1.3.0, which fixes the issue.
Affected configurations
Node
apacheiotdbRange<1.3.0
ORorg.apache.iotdb\iotdbMatchcore
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache-iotdb | lt | 1.3.0 | |
| org.apache.iotdb:iotdb-core | le | 1.2.2 |
Related
nvd
nvd
CVE-2023-46226
2024-01-15 11:15:07
veracode
veracode
Remote Code Execution
2024-01-16 06:14:36
cve
cve
CVE-2023-46226
2024-01-15 11:15:07
osv
osv
Remote Code Execution vulnerability in Apache IoTDB via UDF
2024-01-15 12:30:19
PYSEC-2024-11
2024-01-15 11:15:00
prion
prion
Remote code execution
2024-01-15 11:15:00
cvelist
cvelist
CVE-2023-46226 Apache IoTDB: Remote Code Execution (RCE) risk via the UDF
2024-01-15 10:35:49
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
71.4%
Related for GHSA-RXGG-273W-RFW7