Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-34189

UNKNOWN
Published 2023-07-25T07:08:53.608Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-34189. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. 

Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8109  to solve it.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Apache Software Foundation

Apache InLong

Affected Versions:

1.4.0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

✓ GitHub Reviewed MODERATE

Apache InLong: General user can delete and update process

GHSA-86pw-4rqp-6x7v

Advisory Details

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences.  Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8109  to solve it.

Affected Packages

Maven org.apache.inlong:inlong-manager
ECOSYSTEM: ≥1.4.0 <1.8.0

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-34189
WEB https://github.com/apache/inlong/issues/8108
WEB https://github.com/apache/inlong/pull/8109
PACKAGE https://github.com/apache/inlong
WEB https://lists.apache.org/thread/smxqyx43hxjvzv4w71n2n3rfho9p378s
WEB http://www.openwall.com/lists/oss-security/2023/07/25/2

Advisory provided by GitHub Security Advisory Database. Published: July 25, 2023, Modified: February 13, 2025

References

https://lists.apache.org/thread/smxqyx43hxjvzv4w71n2n3rfho9p378s
http://www.openwall.com/lists/oss-security/2023/07/25/2
Published: 2023-07-25T07:08:53.608Z
Last Modified: 2025-02-13T16:55:21.374Z
Copied to clipboard!