CVE-2024-36448

NVD Published Date: August 05, 2024 at 10:15 AM
NVD Last Modified: August 30, 2024 at 04:39 PM
Download Patch
Vulnerability ID
CVE-2024-36448
Severity
HIGH
Severity Score
7.3
Summary
** UNSUPPORTED WHEN ASSIGNED ** Server-Side Request Forgery (SSRF) vulnerability in Apache IoTDB Workbench. This issue affects Apache IoTDB Workbench: from 0.13.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE ID
CWE-918

Recent Publish

CVE-2024-2937

CVE-2024-4607

CVE-2024-6472

2024-07 Security Only Quality Update for Windows Embedded Standard 7 for x86-based Systems (KB5040498)

2024-07 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5040498)

2024-07 Security Only Quality Update for Windows Embedded Standard 7 for x64-based Systems (KB5040498)

See SecOps Solution
in action

Schedule Demo