PT-2024-24055 · Apache · Apache Streampipes
L0Ne1Y
·
Published
2024-07-17
·
Updated
2024-08-22
·
CVE-2024-31411
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Apache StreamPipes versions through 0.93.0
Description
The issue is related to an Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. This vulnerability may allow the upload of executable files, potentially leading to remote code execution (RCE). The unrestricted upload is only possible for authenticated and authorized users.
Recommendations
For Apache StreamPipes versions through 0.93.0, upgrade to version 0.95.0, which fixes the issue.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Streampipes