Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentApacheVULNRICHMENT:CVE-2024-36448
HistoryAug 05, 2024 - 9:53 a.m.

CVE-2024-36448 Apache IoTDB Workbench: SSRF Vulnerability (EOL)

2024-08-0509:53:38
CWE-918
apache
github.com
3
cve-2024-36448
apache iotdb workbench
ssrf vulnerability
server-side request forgery
eol
unsupported.

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

27.5%

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON

UNSUPPORTED WHEN ASSIGNED Server-Side Request Forgery (SSRF) vulnerability in Apache IoTDB Workbench.

This issue affects Apache IoTDB Workbench: from 0.13.0.

As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.

NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CNA Affected

[
  {
    "vendor": "Apache Software Foundation",
    "product": "Apache IoTDB Workbench",
    "versions": [
      {
        "status": "affected",
        "version": "0.13.0",
        "versionType": "semver",
        "lessThanOrEqual": "*"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Related

nvd 1
cvelist 1
cve 1
nvd
nvd
CVE-2024-36448
2024-08-05 10:15:32
cvelist
cvelist
CVE-2024-36448 Apache IoTDB Workbench: SSRF Vulnerability (EOL)
2024-08-05 09:53:38
cve
cve
CVE-2024-36448
2024-08-05 10:15:32

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

27.5%

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2024-36448
nvd1cvelist1cve1