CVE-2020-13937: Insecure Storage of Sensitive Information

October 19, 2020 (updated October 29, 2020)

Apache Kylin has one restful api which exposed Kylin’s configuration information without any authentication, so it is dangerous because some confidential information entries will be disclosed to everyone.

References

nvd.nist.gov/vuln/detail/CVE-2020-13937

Detect and mitigate CVE-2020-13937 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →