← volver
CVE-2022-38370

No authorization of DatabaseConnectController in grafana-connector.

EPSS 1.1%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
05 sep 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue.