4 matches found
CVE-2023-41314
The api /api/snapshot and /api/getlogfile would allow unauthenticated access. It could allow a DoS attack or get arbitrary files from FE node. Please upgrade to 2.0.3 to fix these issues...
CVE-2023-41314
creationtimestamp| type| source ---|---|--- 2024-01-12 00:07:08+00:00| seen| https://t.me/ctinow/166948...
CVE-2023-41314
The api /api/snapshot and /api/getlogfile would allow unauthenticated access. It could allow a DoS attack or get arbitrary files from FE node. Please upgrade to 2.0.3 to fix these issues...
CVE-2023-41314
CVE-2023-41314 affects Apache Doris; the vulnerability arises from unauthenticated access to /api/snapshot and /api/get_log_file, potentially enabling DoS and retrieval of arbitrary files from FE nodes. Worldwide references indicate affected product is Doris and advise upgrading to version 2.0.3 ...