Lucene search
PRIOn knowledge basePRION:CVE-2023-31469HistoryJun 23, 2023 - 8:15 a.m.
Cross site request forgery (csrf)
2023-06-2308:15:00
PRIOn knowledge base
www.prio-n.com
10
cross site request forgery
apache streampipes
vulnerability
non-admin user
elevate privileges
upgrade 0.92.0
nvd
A REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.0) was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles.
The issue is resolved by upgrading to StreamPipes 0.92.0.
| CPE | Name | Operator | Version |
|---|---|---|---|
| streampipes | ge | 0.69.0 | |
| streampipes | le | 0.91.0 |
Related
cvelist
cvelist
github
github
Apache StreamPipes Improper Privilege Management vulnerability
2023-06-23 09:30:17
cnvd
cnvd
Apache StreamPipes Elevation of Privilege Vulnerability
2023-06-27 00:00:00
osv
osv
CVE-2023-31469
2023-06-23 08:15:09
Apache StreamPipes Improper Privilege Management vulnerability
2023-06-23 09:30:17
cve
cve
CVE-2023-31469
2023-06-23 08:15:09
veracode
veracode
Improper Privilege Management
2023-06-27 06:22:37
nvd
nvd
CVE-2023-31469
2023-06-23 08:15:09