CVE-2024-28169

Name of the Vulnerable Software and Affected Versions: BigDL versions prior to 2.5.0

Description: The issue is related to the transmission of sensitive information in cleartext, which could allow a remote attacker to cause a denial of service. This can potentially be exploited by an authenticated user with adjacent access.

Recommendations: For versions prior to 2.5.0, update to version 2.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and limiting adjacent access to minimize the risk of exploitation.