Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-25601
HistoryApr 20, 2023 - 4:15 p.m.

Authentication flaw

2023-04-2016:15:00
PRIOn knowledge base
www.prio-n.com
3
apache dolphinscheduler
authentication
version 3.0.0 - 3.1.1
python gateway
fixed
configuration
nvd

4.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.5%

JSON

On version 3.0.0 through 3.1.1, Apache DolphinSchedulerโ€™s python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the python-gateway function by changing the value python-gateway.enabled=false in configuration file application.yaml. If you are using the python gateway, please upgrade to version 3.1.2 or above.

Related

cnvd 1
osv 2
cve 1
nvd 1
github 1
veracode 1
cvelist 1
cnvd
cnvd
Apache DolphinScheduler Authorization Issues Vulnerability
2023-04-23 00:00:00
osv
osv
CVE-2023-25601
2023-04-20 16:15:07
Apache DolphinScheduler's python gateway suffered from improper authentication
2023-04-20 18:30:50
cve
cve
CVE-2023-25601
2023-04-20 16:15:07
nvd
nvd
CVE-2023-25601
2023-04-20 16:15:07
github
github
Apache DolphinScheduler's python gateway suffered from improper authentication
2023-04-20 18:30:50
veracode
veracode
Improper Authentication
2023-04-24 08:53:10
cvelist
cvelist
CVE-2023-25601 Apache DolphinScheduler 3.0.0 to 3.1.1 python gateway hasย improper authentication
2023-04-20 15:07:00

4.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.5%

JSON
Related for PRION:CVE-2023-25601
cnvd1osv2cve1nvd1github1veracode1cvelist1