CVE-2023-24829: Incorrect Authorization

January 31, 2023 (updated November 9, 2023)

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.3 of iotdb-web-workbench onwards.

References

lists.apache.org/thread/l0b59hh046tyn4gqot0bdrpg8gxlksmo
nvd.nist.gov/vuln/detail/CVE-2023-24829

Code Behaviors & Features

Detect and mitigate CVE-2023-24829 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →