PT-2023-28911 · Apache · Apache Inlong

Jayway · Published 2023-10-16 · Updated 2025-06-16 · CVE-2023-43667

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions

Apache InLong versions 1.4.0 through 1.8.0

Description

The issue affects Apache InLong, allowing an attacker to create misleading or false log records. This makes it harder to audit and trace malicious activities. The estimated number of potentially affected devices is not provided.

Recommendations

To resolve the issue, upgrade to Apache InLong 1.9.0. As a temporary workaround, consider restricting access to log records until a patch is available. For versions prior to 1.9.0, cherry-pick https://github.com/apache/inlong/pull/8628 to resolve the issue.

Fix

Weakness Enumeration

Special Elements Injection
SQL injection

Related Identifiers

CVE-2023-43667
GHSA-FPCF-QR79-HJQP

Affected Products

Apache Inlong