DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions Unauthorized users can delete an application erroneously. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
Link | Resource |
---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-4c4p-qfwq-85fj | Exploit Vendor Advisory |
Configurations
History
05 Jul 2023, 18:29
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
First Time |
Dataease
Dataease dataease |
|
CPE | cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:* | |
References | (MISC) https://github.com/dataease/dataease/security/advisories/GHSA-4c4p-qfwq-85fj - Exploit, Vendor Advisory |
26 Jun 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-26 21:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-34463
Mitre link : CVE-2023-34463
CVE.ORG link : CVE-2023-34463
JSON object : View
Products Affected
dataease
- dataease
CWE
CWE-862
Missing Authorization