Unauthenticated Access to Internal Database Structure in Apache IoTDB Grafana-Connector 0.13.0

Unauthenticated Access to Internal Database Structure in Apache IoTDB Grafana-Connector 0.13.0

CVE-2022-38370 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue.

Learn more about our Internal Network Penetration Testing.