2 matches found
EUVD-2026-41857
Authentication Bypass by Spoofing vulnerability in Apache IoTDB. Certain Thrift RPC query handlers lack strict validation of the sessionId parameter. An attacker can construct requests with a forged sessionId and, without performing openSession authentication, receive valid query results. This...
Apache IoTDB JDBC driver 日志信息泄露漏洞
The Apache IoTDB JDBC driver is a standard JDBC driver for the Apache IoTDB database from the Apache USA Foundation that supports Java applications interacting with IoTDB. A log information disclosure vulnerability exists in Apache IoTDB JDBC driver versions 0.10.0 through 1.3.3 and versions prio...