CVE-2023-31206

Name of the Vulnerable Software and Affected Versions Apache InLong versions 1.4.0 through 1.6.0

Description The issue affects Apache InLong, allowing attackers to change the immutable name and type of nodes. This can be exploited by attackers, but there is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For Apache InLong versions 1.4.0 through 1.6.0, upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7891 to solve the issue. As a temporary workaround, consider restricting access to the nodes of InLong to minimize the risk of exploitation.