CVE-2023-31469
Apache StreamPipes: Privilege escalation through non-admin user
A REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.0) was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles.
The issue is resolved by upgrading to StreamPipes 0.92.0.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Apache Software Foundation · Apache StreamPipes¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →