CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-34189

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8109 to solve it.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.0%

CVSS Severity

CVSS v3 Score 6.5

References

http://www.openwall.com/lists/oss-security/2023/07/25/2
https://lists.apache.org/thread/smxqyx43hxjvzv4w71n2n3rfho9p378s
http://www.openwall.com/lists/oss-security/2023/07/25/2
https://lists.apache.org/thread/smxqyx43hxjvzv4w71n2n3rfho9p378s

Products affected by CVE-2023-34189

Apache » Inlong » Version: 1.4.0

cpe:2.3:a:apache:inlong:1.4.0
Apache » Inlong » Version: 1.5.0

cpe:2.3:a:apache:inlong:1.5.0
Apache » Inlong » Version: 1.6.0

cpe:2.3:a:apache:inlong:1.6.0
Apache » Inlong » Version: 1.7.0

cpe:2.3:a:apache:inlong:1.7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-34189

Products

Pricing

Contact Us