Lucene search
K

4 matches found

OSV
OSV
added 2023/04/20 3:7 p.m.22 views

CVE-2023-25601 Apache DolphinScheduler 3.0.0 to 3.1.1 python gateway has improper authentication

On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the...

4.3CVSS5.9AI score0.01127EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/04/20 3:7 p.m.10 views

CVE-2023-25601 Apache DolphinScheduler 3.0.0 to 3.1.1 python gateway has improper authentication

On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the...

6.7AI score0.01127EPSS
Exploits0References2
CVE
CVE
added 2023/04/20 3:7 p.m.57 views

CVE-2023-25601

CVE-2023-25601 describes an improper authentication flaw in Apache DolphinScheduler’s python gateway affecting versions 3.0.0–3.1.1. The issue could permit a socket-based attack without authentication. The vulnerability is fixed in version 3.1.2 and later. Remediation options from the documented ...

4.3CVSS4.4AI score0.01127EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/04/20 3:7 p.m.27 views

CVE-2023-25601 Apache DolphinScheduler 3.0.0 to 3.1.1 python gateway has improper authentication

On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the...

4.8AI score0.01127EPSS
Exploits0References2
Rows per page
Query Builder