Files or Directories Accessible to External Parties

CVE-2023-31064

High

7.5/10

Summary

Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0-incubating-RC0 through 1.6.0-RC0. The user in InLong could cancel an application that doesn't belong to it.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: NONE

CWE-552 - Files or Directories Accessible to External Parties

The product makes files or directories accessible to unauthorized actors, even though they should not be.

References

Advisory
Issue
Pull request

Advisory Timeline

Published May 22, 2023

Files or Directories Accessible to External Parties

CVE-2023-31064

Summary

CWE-552 - Files or Directories Accessible to External Parties

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS