CVE-2024-36448

Name of the Vulnerable Software and Affected Versions Apache IoTDB Workbench versions 0.13.0 and later

Description A Server-Side Request Forgery (SSRF) issue affects Apache IoTDB Workbench, allowing an attacker to access the local network. This issue only affects products that are no longer supported by the maintainer.

Recommendations As this project is retired and no fix will be released, users are recommended to find an alternative to Apache IoTDB Workbench. Restrict access to the instance to trusted users as a temporary mitigation measure.