The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.
Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2024-03-12T10:16:23.638Z
Updated: 2024-08-05T17:24:41.124Z
Reserved: 2023-08-28T15:45:59.249Z
Link: CVE-2023-41313
Vulnrichment
Updated: 2024-08-02T18:54:05.087Z
NVD
Status : Awaiting Analysis
Published: 2024-03-12T11:15:46.470
Modified: 2024-11-21T08:21:03.007
Link: CVE-2023-41313
Redhat
No data.