Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0.
The attacker can bind any cluster, even if he is not the cluster owner. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.[1]
https://github.com/apache/inlong/pull/7947 https://github.com/apache/inlong/pull/7947
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2023-05-22T13:23:17.332Z
Updated: 2024-08-02T14:53:30.874Z
Reserved: 2023-04-28T09:57:36.175Z
Link: CVE-2023-31454
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-05-22T14:15:09.697
Modified: 2023-05-27T01:26:39.903
Link: CVE-2023-31454
Redhat
No data.