Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0.
The attacker can bind any cluster, even if he is not the cluster owner. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.[1]
https://github.com/apache/inlong/pull/7947 https://github.com/apache/inlong/pull/7947
Metrics
Affected Vendors & Products
References
History
Wed, 09 Oct 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2023-05-22T13:23:17.332Z
Updated: 2024-10-09T17:14:26.742Z
Reserved: 2023-04-28T09:57:36.175Z
Link: CVE-2023-31454
Vulnrichment
Updated: 2024-08-02T14:53:30.874Z
NVD
Status : Modified
Published: 2023-05-22T14:15:09.697
Modified: 2024-11-21T08:01:53.933
Link: CVE-2023-31454
Redhat
No data.