1 results (0.422 seconds)
CVSS: 9.8EPSS: 8%CPEs: 1EXPL: 0
CVSS: 9.8EPSS: 8%CPEs: 1EXPL: 0CVE-2023-30771 – Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench
https://notcve.org/view.php?id=CVE-2023-30771
Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component on 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.4 of iotdb-web-workbench onwards. • http://www.openwall.com/lists/oss-security/2023/04/18/7 https://lists.apache.org/thread/08nc3dr6lshfppx0pzmz5vbggdnzpojb • CWE-863: Incorrect Authorization •