← voltar
CVE-2022-38370

No authorization of DatabaseConnectController in grafana-connector.

EPSS 1.1%
Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue.
Produtos afetados
Apache Software Foundation · Apache IoTDB

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://lists.apache.org/thread/kcpqgstvgf8sxy9ktxm1836nlwc8xy3jhttp://www.openwall.com/lists/oss-security/2022/09/05/2