← Volver a CVEs
CVE-2023-34189
MEDIUM6.5
Descripcion
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8109 to solve it.
Detalles CVE
Puntuacion CVSS v3.16.5
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado7/25/2023
Ultima modificacion2/13/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
apache:inlong
Debilidades (CWE)
CWE-668
Referencias
http://www.openwall.com/lists/oss-security/2023/07/25/2(security@apache.org)
https://lists.apache.org/thread/smxqyx43hxjvzv4w71n2n3rfho9p378s(security@apache.org)
http://www.openwall.com/lists/oss-security/2023/07/25/2(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread/smxqyx43hxjvzv4w71n2n3rfho9p378s(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.