You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@iotdb.apache.org by Jialin Qiao <qi...@apache.org> on 2023/04/16 04:47:12 UTC

CVE-2023-24831: Apache IoTDB grafana-connector Login Bypass Vulnerability

Severity: low

Description:

Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3.

Attackers could login without authorization. This is fixed in 0.13.4.

References:

https://iotdb.apache.org/
https://iotdb.apache.org
https://www.cve.org/CVERecord?id=CVE-2023-24831