237 matches found
CVE-2023-46226
Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
CVE-2023-30771
Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component on 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.4 of...
Apache IoTDB Server-Side Request Forgery Vulnerability
Apache IoTDB is an integrated data management engine designed for time-series data from the Apache USA Foundation, which provides data collection, storage, and analysis services, among other things. Apache IoTDB suffers from a server-side request forgery vulnerability that stems from the product'...
CVE-2024-36448
UNSUPPORTED WHEN ASSIGNED Server-Side Request Forgery SSRF vulnerability in Apache IoTDB Workbench. This issue affects Apache IoTDB Workbench: from 0.13.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restri...
CVE-2024-36448
UNSUPPORTED WHEN ASSIGNED Server-Side Request Forgery SSRF vulnerability in Apache IoTDB Workbench. This issue affects Apache IoTDB Workbench: from 0.13.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restri...
CVE-2024-36448 Apache IoTDB Workbench: SSRF Vulnerability (EOL)
UNSUPPORTED WHEN ASSIGNED Server-Side Request Forgery SSRF vulnerability in Apache IoTDB Workbench. This issue affects Apache IoTDB Workbench: from 0.13.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restri...
CVE-2024-36448 Apache IoTDB Workbench: SSRF Vulnerability (EOL)
UNSUPPORTED WHEN ASSIGNED Server-Side Request Forgery SSRF vulnerability in Apache IoTDB Workbench. This issue affects Apache IoTDB Workbench: from 0.13.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restri...
CVE-2024-36448
Apache IoTDB Workbench is affected by a Server-Side Request Forgery (SSRF) vulnerability. Affects versions 0.13.0 and later; attackers can access the local network. The project is retired and no fix will be released; users should restrict access to trusted users or seek alternatives as a temporar...
The vulnerability of the IoT database for Apache IoTDB, which exists due to insufficient validation of input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the IoT database Apache IoTDB exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
Remote Code Execution
Apache IoTDB is vulnerable to Remote Code Execution. The vulnerability is due to the UDF component, which allows an attacker execute arbitrary code...
GHSA-RXGG-273W-RFW7 Remote Code Execution vulnerability in Apache IoTDB via UDF
Remote Code Execution vulnerability in Apache IoTDB. This issue affects Apache IoTDB from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
Remote Code Execution vulnerability in Apache IoTDB via UDF
Remote Code Execution vulnerability in Apache IoTDB. This issue affects Apache IoTDB from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
CVE-2023-46226
Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
CVE-2023-46226
Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
Remote code execution
Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
PYSEC-2024-11
Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2.Users are recommended to upgrade to version 1.3.0, which fixes the issue...
PYSEC-2024-11
Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
CVE-2023-46226 Apache IoTDB: Remote Code Execution (RCE) risk via the UDF
Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
CVE-2023-46226 Apache IoTDB: Remote Code Execution (RCE) risk via the UDF
Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
CVE-2023-46226
CVE-2023-46226 is an RCE issue in Apache IoTDB affecting 1.0.0–1.2.2. The vulnerability is tied to a UDF path/operation (as reflected across multiple sources) and is mitigated by upgrading to 1.3.0. Exploitation details are not provided in the supplied documents. Remediation: upgrade to IoTDB 1.3...