Apache Submarine Server Core: authorization bypass

CVE-2024-36265

Currently unrated 🤨

Key Information

Vendor: Apache
Status: Apache Submarine Server Core
Vendor: CVE Published:; 12 June 2024

Summary

** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: from 0.8.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Affected Version(s)

Apache Submarine Server Core <= 0.8.0

Timeline

Vulnerability published.
Jun 12, 2024

Collectors

NVD DatabaseMitre Database

Credit

L0ne1y