CVE-2023-30771

CVE-2023-30771: Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench

Vendor Apache Software Foundation

Product Apache IoTDB Workbench

Weakness CWE-863 · Incorrect authorization

Published April 17, 2023

Last update February 13, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component on 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.4 of iotdb-web-workbench onwards.

Key dates

Disclosure timeline

April 17, 2023 CVE published

February 13, 2025 Record updated