PT-2024-26941 · Apache · Apache Submarine Server Core
L0Ne1Y
·
Published
2024-06-12
·
Updated
2024-09-26
·
CVE-2024-36265
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Apache Submarine Server Core versions 0.8.0 and later
Description
The issue is related to an Incorrect Authorization vulnerability in Apache Submarine Server Core. This vulnerability only affects products that are no longer supported by the maintainer. Users are recommended to find an alternative or restrict access to the instance to trusted users.
Recommendations
As a temporary workaround, consider restricting access to the instance to trusted users until an alternative solution is found.
Find an alternative to Apache Submarine Server Core, as the project is retired and no fix will be released.
Fix
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Submarine Server Core