5 matches found
CVE-2024-34457
On versions before 2.1.4, after a regular user successfully logs in, they can manually make a request using the authorization token to view everyone's user flink information, including executeSQL and config. Mitigation: all users should upgrade to 2.1.4...
Apache StreamPark Privilege Management Error Vulnerability
Apache StreamPark is the United States Apache Apache Foundation of a streaming media application development framework. A privilege management error vulnerability exists in Apache StreamPark versions 1.0.0 through 2.1.4 and earlier, which can be exploited by an attacker to manually issue a reques...
CVE-2024-34457 Apache StreamPark IDOR Vulnerability
On versions before 2.1.4, after a regular user successfully logs in, they can manually make a request using the authorization token to view everyone's user flink information, including executeSQL and config. Mitigation: all users should upgrade to 2.1.4...
CVE-2024-34457 Apache StreamPark IDOR Vulnerability
On versions before 2.1.4, after a regular user successfully logs in, they can manually make a request using the authorization token to view everyone's user flink information, including executeSQL and config. Mitigation: all users should upgrade to 2.1.4...
PT-2024-25911 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 2.1.4 Description: The issue allows a regular user to view everyone's user flink information, including executeSQL and config, after successfully logging in. This is achieved by manually making a request using the...