You are viewing a plain text version of this content. The canonical link for it is here.
Posted to announce@apache.org by Jialin Qiao <qi...@apache.org> on 2023/01/30 15:41:45 UTC
CVE-2023-24829: Apache IoTDB: apache/iotdb-web-workbench: forge the JWTToken to access workbench
Description:
Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB iotdb-web-workbench.This issue affects users' access to the system without authorization.
This CVE is fixed in iotdb-web-workbench tag v0.13.3.
References:
https://iotdb.apache.org/
https://iotdb.apache.org
https://www.cve.org/CVERecord?id=CVE-2023-24829