CVE-2022-38370

Missing Authorization in maven/org.apache.iotdb/iotdb-grafana-connector

Identifiers

GHSA-c86f-9grv-pmqf, CVE-2022-38370

Package Slug

maven/org.apache.iotdb/iotdb-grafana-connector

Vulnerability

Missing Authorization

Description

Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue.

Affected Versions

All versions before 0.13.1

Solution

Upgrade to version 0.13.1 or above.

Last Modified

2022-09-15

source