CVE-2023-29055
CVE-2023-29055 affects Apache Kylin 2.0.0–4.0.3, where the Server Config web interface can display the contents of kylin.properties. When accessed over HTTP (or other plaintext protocols), network sniffers may intercept the payload and access potential server-side credentials. The root cause is t...