VYPR
Unrated severityNVD Advisory· Published Jan 31, 2023· Updated Mar 27, 2025

Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench

CVE-2023-24829

Description

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database.

This problem is fixed from version 0.13.3 of iotdb-web-workbench onwards.

Affected products

2
  • Apache/IoTDB Workbenchllm-fuzzy2 versions
    >=0.13.0, <0.13.3+ 1 more
    • (no CPE)range: >=0.13.0, <0.13.3
    • (no CPE)range: 0.13.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.