Moderate severityNVD Advisory· Published Oct 16, 2023· Updated Sep 16, 2024
Apache InLong: General user Unauthorized access User Management
CVE-2023-43666
Description
Insufficient Verification of Data Authenticity vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0,
General user can view all user data like Admin account.
Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it.
[1] https://github.com/apache/inlong/pull/8623
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.inlong:inlongMaven | >= 1.4.0, < 1.9.0 | 1.9.0 |
Affected products
2Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-wj6q-chpv-mcrxghsaADVISORY
- lists.apache.org/thread/scbgh3ty3xcxm3q33r2t9f42gwwo1whyghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2023-43666ghsaADVISORY
- github.com/apache/inlong/pull/8623ghsaWEB
News mentions
0No linked articles in our index yet.