Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. The attacker can delete others' subscriptions, even if they are not the owner
of the deleted subscription. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.
[1]
https://github.com/apache/inlong/pull/7949 https://github.com/apache/inlong/pull/7949
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2023-05-22T13:25:47.820Z
Updated: 2024-08-02T14:53:31.072Z
Reserved: 2023-04-28T09:51:46.162Z
Link: CVE-2023-31453
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-05-22T14:15:09.643
Modified: 2023-05-27T01:20:20.410
Link: CVE-2023-31453
Redhat
No data.