CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

237 matches found

CVE•added 2023/04/17 7:26 a.m.•63 views

CVE-2023-30771

CVE-2023-30771 concerns Apache IoTDB’s optional iotdb-web-workbench web console. The vulnerability is an Incorrect Authorization issue affecting iotdb-web-workbench version 0.13.3, allowing high-severity impact on confidentiality, integrity, and availability (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:...

9.8CVSS9.4AI score0.01447EPSS

Exploits0References2Affected Software1

NVD•added 2023/04/17 7:15 a.m.•15 views

CVE-2023-24831

Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. This is fixed in 0.13.4...

9.8CVSS9.3AI score0.01222EPSS

Exploits0References1

OSV•added 2023/04/17 7:15 a.m.•4 views

CVE-2023-24831

9.8CVSS9.3AI score

Exploits0References1

Prion•added 2023/04/17 7:15 a.m.•18 views

Authentication flaw

7.5CVSS9.3AI score0.01222EPSS

Exploits0References1Affected Software1

OSV•added 2023/04/17 7:15 a.m.•19 views

PYSEC-2023-7

9.8CVSS9.6AI score0.01222EPSS

Exploits0References3

Vulnrichment•added 2023/04/17 6:42 a.m.•11 views

CVE-2023-24831 Apache IoTDB grafana-connector Login Bypass Vulnerability

9.4AI score0.01222EPSS

Exploits0References1

Cvelist•added 2023/04/17 6:42 a.m.•22 views

CVE-2023-24831 Apache IoTDB grafana-connector Login Bypass Vulnerability

9.6AI score0.01222EPSS

Exploits0References1

CVE•added 2023/04/17 6:42 a.m.•71 views

CVE-2023-24831

CVE-2023-24831 affects Apache IoTDB Grafana Connector (0.13.0–0.13.3). It is an improper authentication flaw allowing login without authorization. Fixed in 0.13.4. Remediation: upgrade to 0.13.4+; monitor advisories for patch availability.

9.8CVSS9.4AI score0.01222EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2023/04/17 12:0 a.m.•3 views

PT-2023-22969 · Apache · Iotdb-Web-Workbench

Name of the Vulnerable Software and Affected Versions: Apache IoTDB iotdb-web-workbench version 0.13.3 Description: The issue is related to an Incorrect Authorization vulnerability in the iotdb-web-workbench component of Apache IoTDB. This component provides a web console for the database and is ...

9.8CVSS7.1AI score0.01447EPSS

Exploits0References9

Veracode•added 2023/02/07 6:59 a.m.•21 views

Improper Authentication

org.apache.iotdb:iotdb-server is vulnerable to Improper Authentication. A remote attacker is able to bypass authorization due to improper checks in the onConnect function of PublishHandler.java...

7.5CVSS7.3AI score0.01331EPSS

Exploits0References5Affected Software1

BDU FSTEC•added 2023/02/03 12:0 a.m.•2 views

The vulnerability of the iotdb-web-workbench component of the IoT database for Apache IoTDB allows a hacker to escalate their privileges.

The vulnerability of the iotdb-web-workbench component of the IoT database solution from Apache IoTDB is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker to enhance their privileges remotely...

7.5CVSS7.5AI score0.01245EPSS

Exploits0References2Affected Software1

NVD•added 2023/01/31 10:15 a.m.•24 views

CVE-2023-24829

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13....

8.8CVSS8.6AI score0.01245EPSS

Exploits0References1

OSV•added 2023/01/31 10:15 a.m.•3 views

CVE-2023-24829

8.8CVSS8.5AI score

Exploits0References1

Prion•added 2023/01/31 10:15 a.m.•22 views

Authorization

6.5CVSS8.5AI score0.01245EPSS

Exploits0References1Affected Software1

PyPA•added 2023/01/31 10:15 a.m.•7 views

PYSEC-2023-5

8.8CVSS7AI score0.01245EPSS

Exploits0References2Affected Software1

OSV•added 2023/01/31 10:15 a.m.•24 views

PYSEC-2023-5

8.8CVSS6.8AI score0.01245EPSS

Exploits0References1

Vulnrichment•added 2023/01/31 9:22 a.m.•9 views

CVE-2023-24829 Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench

8.6AI score0.01245EPSS

Exploits0References1

Cvelist•added 2023/01/31 9:22 a.m.•26 views

CVE-2023-24829 Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench

8.8AI score0.01245EPSS

Exploits0References1

CVE•added 2023/01/31 9:22 a.m.•49 views

CVE-2023-24829

CVE-2023-24829 involves an Incorrect Authorization vulnerability in the iotdb-web-workbench component of Apache IoTDB. The issue affects iotdb-web-workbench from 0.13.0 up to versions before 0.13.3, and is fixed starting with 0.13.3. iotdb-web-workbench is an optional web console for IoTDB. Conse...

8.8CVSS8.7AI score0.01245EPSS

Exploits0References1Affected Software1

OSV•added 2023/01/30 6:30 p.m.•18 views

GHSA-PP4W-9X82-6R47 Withdrawn Advisory: Apache IoTDB contains Improper Authentication

Withdrawn Advisory This advisory has been withdrawn because the affected component, org.apache.iotdb.admin:iotdb-web-workbench, is not in a supported ecosystem. This link is maintained to preserve external references. Original Description Improper Authentication vulnerability in Apache Software...

7.5CVSS7.4AI score0.01331EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by