CVE-2023-41314

Name of the Vulnerable Software and Affected Versions SoftwareX versions prior to 2.0.3

Description The issue allows unauthenticated access through the API endpoints "/api/snapshot" and "/api/get log file". This could potentially lead to a DoS attack or allow an attacker to retrieve arbitrary files from the FE node.

Recommendations For versions prior to 2.0.3, upgrade to version 2.0.3 to fix the issue. As a temporary workaround, consider restricting access to the "/api/snapshot" and "/api/get log file" API endpoints to minimize the risk of exploitation.