3 matches found
Improper Authentication
Apache Pulsar Proxy is vulnerable to Improper Authentication. The vulnerability is caused due to missing authorization checks in the /proxy-stats endpoint. This can lead to unauthorized access this sensitive endpoints, allowing attackers to view detailed connection statistics and potentially...
GHSA-C35H-W8HJ-MM55 Apache Pulsar: Improper Authentication for Pulsar Proxy Statistics Endpoint
Improper Authentication vulnerability in Apache Pulsar Proxy allows an attacker to connect to the /proxy-stats endpoint without authentication. The vulnerable endpoint exposes detailed statistics about live connections, along with the capability to modify the logging level of proxied connections...
PT-2024-2610 · Apache · Apache Pulsar
Name of the Vulnerable Software and Affected Versions: Apache Pulsar versions 2.6.0 through 2.10.5 Apache Pulsar versions 2.11.0 through 2.11.2 Apache Pulsar versions 3.0.0 through 3.0.1 Apache Pulsar version 3.1.0 Description: The issue is related to an improper authentication vulnerability in t...