PT-2026-60269 · Taosdata · Tdengine

CVE-2026-62355

·

Publicado

2026-07-15

·

Atualizado

2026-07-15

CVSS v3.1

5.4

Média

VetorAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, a Data Reader admin user on a TDengine Cloud DB instance could run create udf even though standard users should have read-only permissions for non-database objects and show dnodes and create user were denied. This issue is fixed in version 3.4.1.15.

Correção

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-62355

Produtos afetados

Tdengine