QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2023-31065

Back to search

CVE-2023-31065

Published: May 22, 2023

Modified: Oct 9, 2024

PUBLISHED

Description

Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0.  An old session can be used by an attacker even after the user has been deleted or the password has been changed. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 , https://github.com/apache/inlong/pull/7884 https://github.com/apache/inlong/pull/7884 to solve it.

VendorProductVersions

Apache Software Foundation

Apache InLong

affected
1.4.0 - <= 1.6.0

Weaknesses (CWE)

CWE-613

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now