Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-49068

UNKNOWN
Published 2023-11-27T09:49:42.477Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-49068. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache DolphinScheduler.This issue affects Apache DolphinScheduler: before 3.2.1.

Users are recommended to upgrade to version 3.2.1, which fixes the issue. At the time of disclosure of this advisory, this version has not yet been released. In the mean time, we recommend you make sure the logs are only available to trusted operators.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Apache Software Foundation

Apache DolphinScheduler

Affected Versions:

0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

✓ GitHub Reviewed MODERATE

Apache DolphinScheduler Exposure of Sensitive Information to an Unauthorized Actor vulnerability

GHSA-c6cg-73p3-973h

Advisory Details

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.2.1. Users are recommended to upgrade to version 3.2.1, which fixes the issue. At the time of disclosure of this advisory, this version has not yet been released. In the mean time, we recommend you make sure the logs are only available to trusted operators.

Affected Packages

Maven org.apache.dolphinscheduler:dolphinscheduler-api
ECOSYSTEM: ≥0 <3.2.1

CVSS Scoring

CVSS Score

5.0

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-49068
WEB https://github.com/apache/dolphinscheduler/pull/15192
WEB https://github.com/apache/dolphinscheduler/commit/7308888c703fbe227887d2426273100582096134
PACKAGE https://github.com/apache/dolphinscheduler
WEB https://lists.apache.org/thread/jn6kr6mjdgtfgpxoq9j8q4pkfsq8zmpq

Advisory provided by GitHub Security Advisory Database. Published: November 27, 2023, Modified: November 28, 2023

References

https://github.com/apache/dolphinscheduler/pull/15192
https://lists.apache.org/thread/jn6kr6mjdgtfgpxoq9j8q4pkfsq8zmpq
Published: 2023-11-27T09:49:42.477Z
Last Modified: 2024-08-02T21:46:28.937Z
Copied to clipboard!