CVE-2023-24830

HIGH

Apache IoTDB 0.13.0-0.13.3 - Improper Authentication in iotdb-web-workbench

Title source: llm

Description

Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects iotdb-web-workbench component: from 0.13.0 before 0.13.3.

References (1)

Core 1

Core References

Mailing List, Vendor Advisory vendor-advisory

https://lists.apache.org/thread/l4fon37687jz5ohgsnz2ko9fv400915t

Scores

CVSS v3 7.5

EPSS 0.0154

EPSS Percentile 81.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-287

Status published

Products (2)

apache/iotdb 0.13.0 - 0.13.3

org.apache.iotdb/iotdb-parent 0.13.0 - 0.13.3Maven

Published Jan 30, 2023

Tracked Since Feb 18, 2026