GHSA-xwqh-5v9q-g7v9CriticalCVSS 9.8
Insufficient Session Expiration, Authentication Bypass by Capture-replay vulnerability in Apache...
🔗 CVE IDs covered (1)
📋 Description
Insufficient Session Expiration, Authentication Bypass by Capture-replay vulnerability in Apache IoTDB. REST Basic Authentication Accepts Stale Cached Credentials
This issue affects Apache IoTDB: from 1.0.0 before 2.0.10.
Users are recommended to upgrade to version 2.0.10, which fixes the issue.