Cyber Monday Killer Deals: Save $90 on Honeywell Home Smart Thermostat RTH9580EWF
CVE-2024-34457
6.5MEDIUM
What is CVE-2024-34457?
On versions before 2.1.4, after a regular user successfully logs in, they can manually make a request using the authorization token to view everyone's user flink information, including executeSQL and config.
Mitigation:
all users should upgrade to 2.1.4
Affected Version(s)
Apache StreamPark 1.0.0 < 2.1.4