Critical severity9.8NVD Advisory· Published Apr 17, 2023· Updated Jun 17, 2026
CVE-2023-24831
CVE-2023-24831
Description
Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3.
Attackers could login without authorization. This is fixed in 0.13.4.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.iotdb:iotdb-grafana-connectorMaven | >= 0.13.0, < 0.13.4 | 0.13.4 |
apache-iotdbPyPI | >= 0.13.0, < 0.13.5 | 0.13.5 |
Affected products
3- ghsa-coords2 versions
>= 0.13.0, < 0.13.4+ 1 more
- (no CPE)range: >= 0.13.0, < 0.13.4
- (no CPE)range: >= 0.13.0, < 0.13.5
- Apache Software Foundation/Apache IoTDBv5Range: 0.13.0
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-pvjv-386f-c8whghsaADVISORY
- lists.apache.org/thread/3dgvzgstycf8b5hyf4z3n7cqdhcyln3lnvdMailing ListVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2023-24831ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/apache-iotdb/PYSEC-2023-7.yamlghsaWEB
News mentions
0No linked articles in our index yet.