CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27438 – Apache Doris: Downloading arbitrary remote jar files resulting in remote command execution
https://notcve.org/view.php?id=CVE-2024-27438
21 Mar 2024 — Download of Code Without Integrity Check vulnerability in Apache Doris. The jdbc driver files used for JDBC catalog is not checked and may resulting in remote command execution. Once the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This code snippet will be run when catalog is initializing without any check. This issue affects Apache Doris: from 1.2.0 through 2.0.4. Users are recommended to upgrade to version 2.0.5 or 2.1.x, which fix... • http://www.openwall.com/lists/oss-security/2024/03/21/1 • CWE-494: Download of Code Without Integrity Check •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-26307 – Apache Doris: Possible race condition
https://notcve.org/view.php?id=CVE-2024-26307
21 Mar 2024 — Possible race condition vulnerability in Apache Doris. Some of code using `chmod()` method. This method run the risk of someone renaming the file out from under user and chmodding the wrong file. This could theoretically happen, but the impact would be minimal. This issue affects Apache Doris: before 1.2.8, before 2.0.4. Users are recommended to upgrade to version 2.0.4, which fixes the issue. Posible vulnerabilidad de condición de ejecución en Apache Doris. Parte del código que utiliza el método `chmod()`.... • http://www.openwall.com/lists/oss-security/2024/03/21/2 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41313 – Apache Doris: Timing Attack weakness
https://notcve.org/view.php?id=CVE-2023-41313
12 Mar 2024 — The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks. Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue. El método de autenticación en las versiones de Apache Doris anteriores a la 2.0.0 era vulnerable a ataques de sincronización. Se recomienda a los usuarios actualizar a la versión 2.0.0 + o 1.2.8, que soluciona este problema. The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks. Users... • http://www.openwall.com/lists/oss-security/2024/03/10/2 • CWE-208: Observable Timing Discrepancy •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41314 – Apache Doris: Missing API authentication allowed DoS
https://notcve.org/view.php?id=CVE-2023-41314
18 Dec 2023 — The api /api/snapshot and /api/get_log_file would allow unauthenticated access. It could allow a DoS attack or get arbitrary files from FE node. Please upgrade to 2.0.3 to fix these issues. La API /api/snapshot y /api/get_log_file permitirían el acceso no autenticado. Podría permitir un ataque DoS u obtener archivos arbitrarios del nodo FE. Actualice a 2.0.3 para solucionar estos problemas. The api /api/snapshot and /api/get_log_file would allow unauthenticated access. • https://lists.apache.org/thread/tgvpvz3yw7zgodl1sb3sv3jbbz8t5zb4 • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23942 – Apache Doris hardcoded cryptography initialization
https://notcve.org/view.php?id=CVE-2022-23942
26 Apr 2022 — Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure. Apache Doris, versiones anteriores a 1.0.0, usaba una clave y un IV embebidos para inicializar el cifrado usado para la contraseña de ldap, lo que podía conllevar a una revelación de información • http://www.openwall.com/lists/oss-security/2022/04/26/2 • CWE-798: Use of Hard-coded Credentials •