← volver
CVE-2022-38370

No authorization of DatabaseConnectController in grafana-connector.

EPSS 1.1%
Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue.
Productos afectados
Apache Software Foundation · Apache IoTDB

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://lists.apache.org/thread/kcpqgstvgf8sxy9ktxm1836nlwc8xy3jhttp://www.openwall.com/lists/oss-security/2022/09/05/2