Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0.  The attacker can bind any cluster, even if he is not the cluster owner. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.[1] https://github.com/apache/inlong/pull/7947 https://github.com/apache/inlong/pull/7947
History

Wed, 09 Oct 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-05-22T13:23:17.332Z

Updated: 2024-10-09T17:14:26.742Z

Reserved: 2023-04-28T09:57:36.175Z

Link: CVE-2023-31454

cve-icon Vulnrichment

Updated: 2024-08-02T14:53:30.874Z

cve-icon NVD

Status : Modified

Published: 2023-05-22T14:15:09.697

Modified: 2024-11-21T08:01:53.933

Link: CVE-2023-31454

cve-icon Redhat

No data.