PT-2023-31872 · Apache · Apache Iotdb
Haonan Hou
·
Publicado
2023-12-21
·
Atualizado
2024-01-02
·
CVE-2023-51656
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Apache IoTDB versions 0.13.0 through 0.13.4
Description
The issue is related to the deserialization of untrusted data in Apache IoTDB. Users are advised to upgrade to a fixed version to resolve the issue.
Recommendations
For Apache IoTDB versions 0.13.0 through 0.13.4, upgrade to version 1.2.2, which fixes the issue.
Correção
Deserialization of Untrusted Data
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Apache Iotdb