Rewterz Threat Advisory – Multiple Apache OFBiz Vulnerabilities
December 27, 2023
Rewterz Threat Advisory – Multiple Apache Airflow Vulnerabilities
December 27, 2023
Severity
High
Analysis Summary
CVE-2023-51656
Apache IoTDB could allow a remote attacker to execute arbitrary code on the system because of unsafe deserialization in the Sync Tool. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-51656
Affected Vendors
Apache
Affected Products
- Apache IoTDB 0.13.0
- Apache IoTDB 0.13.4
Remediation
Upgrade to the latest version of Apache IoTDB, available from the Apache Website.