CVE-2023-48396

CRITICAL

Apache SeaTunnel <1.0.1 - Auth Bypass

Title source: llm

Description

Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in the application, an attacker can forge any token to log in any user. Attacker can get secret key in /seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token. This issue affects Apache SeaTunnel: 1.0.0. Users are recommended to upgrade to version 1.0.1, which fixes the issue.

References (2)

[Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2024/07/30/1

[Mailing List, Vendor Advisory] https://lists.apache.org/thread/1tdxfjksx0vb9gtyt77wlr6rdcy1qwmw

Scores

CVSS v3 9.1

EPSS 0.0033

EPSS Percentile 55.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Classification

CWE

CWE-290

Status published

Affected Products (2)

apache/seatunnel

org.apache.seatunnel/seatunnel-web < 1.0.1Maven

Timeline

Published Jul 30, 2024

Tracked Since Feb 18, 2026