2 matches found
CVE-2026-40452
Incorrect Authorization, Improper Access Control vulnerability in Apache IoTDB. Authorization bypass in /rest/v2/fastLastQuery exposes last-value data to unauthorized authenticated users. This issue affects Apache IoTDB: from 1.3.5 before 1.3.8, from 2.0.5 before 2.0.10. Users are recommended to...
CVE-2026-40452
CVE-2026-40452 – Apache IoTDB exposes last-value data via an authorization bypass in the /rest/v2/fastLastQuery endpoint due to improper access control. Affects IoTDB versions 1.3.5–1.3.7 and 2.0.5–2.0.9. Impact is high (confidentiality) as unauthorized authenticated users may access restricted d...