Security Advisory

CVE-2023-31469

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-06-23 07:07:42

Last updated 2024-10-09 15:11:39

Assigner apache

State PUBLISHED

Description

A REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.0) was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles. The issue is resolved by upgrading to StreamPipes 0.92.0.

← Browse all CVEs View on cve.org ↗