CVE-2023-24831

CVE-2023-24831: Apache IoTDB grafana-connector Login Bypass Vulnerability

Vendor Apache Software Foundation

Product Apache IoTDB

Weakness CWE-287 · Improper authentication

Published April 17, 2023

Last update October 21, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. This is fixed in 0.13.4.

Key dates

Disclosure timeline

April 17, 2023 CVE published

October 21, 2024 Record updated