Maven package
org.apache.iotdb/iotdb-grafana-connector
pkg:maven/org.apache.iotdb/iotdb-grafana-connector
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-24831 | Cri | 9.8 | >= 0.13.0, < 0.13.4 | 0.13.4 | Apr 17, 2023 | Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. This is fixed in 0.13.4. | |
| CVE-2022-38370 | Hig | 7.5 | < 0.13.1 | 0.13.1 | Sep 5, 2022 | Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue. |
- affected >= 0.13.0, < 0.13.4fixed 0.13.4
Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. This is fixed in 0.13.4.
- affected < 0.13.1fixed 0.13.1
Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue.