Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache iotdb 0.13.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-51656
Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 up to and including 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue.
Apache Iotdb
NA
CVE-2023-24831
Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 up to and including 0.13.3. Attackers could login without authorization. This is fixed in 0.13.4.
Apache Iotdb
NA
CVE-2023-24829
Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 prior to 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed...
Apache Iotdb
NA
CVE-2023-24830
Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects iotdb-web-workbench component: from 0.13.0 prior to 0.13.3.
Apache Iotdb
NA
CVE-2022-43766
Apache IoTDB version 0.12.2 to 0.12.6, 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3 which addresses this issue or use a later version of Java to avoid it.
Apache Iotdb
NA
CVE-2022-38369
Apache IoTDB version 0.13.0 is vulnerable by session id attack. Users should upgrade to version 0.13.1 which addresses this issue.
Apache Iotdb 0.13.0
NA
CVE-2022-38370
Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue.
Apache Iotdb 0.13.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started