2 matches found
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the restful api-v1 endpoint. An attacker can gain unauthorized access to sensitive operations by submitting jobs through the /hazelcast/rest/maps/submit-job endpoint and setting extra...
PT-2024-13693 · Apache · Apache Seatunnel
Name of the Vulnerable Software and Affected Versions: Apache SeaTunnel version 1.0.0 Description: A security issue in Apache SeaTunnel allows attackers to read files on the MySQL server by modifying the information in the MySQL URL. The issue can be exploited by setting specific parameters in th...