4 matches found
CVE-2023-34189
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...
CVE-2023-34189 Apache InLong: General user can delete and update process
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...
CVE-2023-34189 Apache InLong: General user can delete and update process
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...
CVE-2023-34189
CVE-2023-34189 affects Apache InLong versions 1.4.0–1.7.0. The issue is a permission-check flaw that allows a general user to delete or update processes, which should be admin-only. Remediation is to upgrade to InLong 1.8.0 or apply the patch from PR #8109 (linked in sources). Connected sources c...