cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-36448,https://securityvulnerability.io/vulnerability/CVE-2024-36448,UNSUPPORTED: Apache IoTDB Workbench SSRF Vulnerability Affects Retired Product,"A Server-Side Request Forgery (SSRF) vulnerability exists in the Apache IoTDB Workbench, specifically beginning from version 0.13.0. This issue arises due to a lack of adequate input validation, permitting attackers to craft requests to internal systems and potentially expose sensitive information. As Apache IoTDB Workbench is an unsupported project, no patches or updates are planned to mitigate this vulnerability. Users are advised to either seek alternative solutions or enforce strict access controls to limit exposure to trusted users only.",Apache,Apache Iotdb Workbench,7.3,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2024-08-05T09:53:38.194Z,0
CVE-2023-30771,https://securityvulnerability.io/vulnerability/CVE-2023-30771,Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench,"An incorrect authorization vulnerability exists in the iotdb-web-workbench component of Apache IoTDB, affecting version 0.13.3. This component serves as a web console for database management but lacks proper authorization checks, potentially allowing unauthorized users to access secured functions. Users are advised to upgrade to version 0.13.4 or later to mitigate this security risk.",Apache,Apache Iotdb Workbench,9.8,CRITICAL,0.04585999995470047,false,,false,false,false,,,false,false,,2023-04-17T08:15:00.000Z,0
CVE-2023-24829,https://securityvulnerability.io/vulnerability/CVE-2023-24829,Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench,"An Incorrect Authorization vulnerability has been identified in the Apache IoTDB project's web workbench component. This issue affects versions 0.13.0 through 0.13.2 and could allow unauthorized users to gain access to sensitive functionalities. The web workbench serves as a console for managing the IoTDB database, making this a significant security concern. Users are advised to upgrade to version 0.13.3 or later to mitigate this vulnerability and protect their systems.",Apache,Apache IoTDB Workbench,8.8,HIGH,0.0022499999031424522,false,,false,false,false,,,false,false,,2023-01-31T10:15:00.000Z,0
CVE-2023-24830,https://securityvulnerability.io/vulnerability/CVE-2023-24830,Apache IoTDB Workbench: apache/iotdb-web-workbench: create a user without authorization,"An improper authentication vulnerability exists in the iotdb-web-workbench component of Apache IoTDB, affecting versions prior to 0.13.3. This flaw could allow unauthorized users to access restricted areas of the web workbench, potentially exposing sensitive data and resources.",Apache,Apache IoTDB Workbench,7.5,HIGH,0.0016299999551847577,false,,false,false,false,,,false,false,,2023-01-30T17:15:00.000Z,0