VYPR
Unrated severityNVD Advisory· Published Jun 26, 2023· Updated Nov 6, 2024

Unauthorized users can manipulate a dashboard created by an administrator in DataEase

CVE-2023-35164

Description

DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions a missing authorization check allows unauthorized users to manipulate a dashboard created by the administrator. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Dataease/Dataeasellm-fuzzy2 versions
    <1.18.8+ 1 more
    • (no CPE)range: <1.18.8
    • (no CPE)range: < 1.18.8

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.