Privilege Escalation in Apache StreamPipes REST Interface

Privilege Escalation in Apache StreamPipes REST Interface

CVE-2023-31469 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.0) was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles. The issue is resolved by upgrading to StreamPipes 0.92.0.

Learn more about our Cis Benchmark Audit For Apache Http Server.