Search criteria
18 vulnerabilities found for doris by apache
FKIE_CVE-2024-48019
Vulnerability from fkie_nvd - Published: 2025-02-04 19:15 - Updated: 2025-06-09 19:49
Severity ?
Summary
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Files or Directories Accessible to External Parties vulnerability in Apache Doris.
Application administrators can read arbitrary
files from the server filesystem through path traversal.
Users are recommended to upgrade to version 2.1.8, 3.0.3 or later, which fixes the issue.
References
| URL | Tags | ||
|---|---|---|---|
| security@apache.org | https://lists.apache.org/thread/p70klgmyrgknhn0t195261wvwv5jw6hr | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/02/04/2 | Mailing List, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F80E2297-7690-4751-9027-10D1A6B9964F",
"versionEndExcluding": "2.1.8",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A690C58E-4B42-402D-B627-1E7D79E8AA83",
"versionEndExcluding": "3.0.3",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027), Files or Directories Accessible to External Parties vulnerability in Apache Doris.\n\n\nApplication administrators can read arbitrary\nfiles from the server filesystem through path traversal.\n\n\nUsers are recommended to upgrade to version 2.1.8, 3.0.3 or later, which fixes the issue."
},
{
"lang": "es",
"value": "Vulnerabilidad de limitaci\u00f3n incorrecta de una ruta de acceso a un directorio restringido (\u0027Path Traversal\u0027), archivos o directorios accesibles a terceros en Apache Doris. Los administradores de aplicaciones pueden leer archivos arbitrarios del sistema de archivos del servidor mediante el path traversal. Se recomienda a los usuarios actualizar a la versi\u00f3n 2.1.8, 3.0.3 o posterior, que soluciona el problema."
}
],
"id": "CVE-2024-48019",
"lastModified": "2025-06-09T19:49:43.753",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-02-04T19:15:31.733",
"references": [
{
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread/p70klgmyrgknhn0t195261wvwv5jw6hr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2025/02/04/2"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
},
{
"lang": "en",
"value": "CWE-552"
}
],
"source": "security@apache.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-27438
Vulnerability from fkie_nvd - Published: 2024-03-21 10:15 - Updated: 2025-06-17 13:50
Severity ?
Summary
Download of Code Without Integrity Check vulnerability in Apache Doris.
The jdbc driver files used for JDBC catalog is not checked and may resulting in remote command execution.
Once the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This code snippet will be run when catalog is initializing without any check.
This issue affects Apache Doris: from 1.2.0 through 2.0.4.
Users are recommended to upgrade to version 2.0.5 or 2.1.x, which fixes the issue.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6419B595-3483-47F6-8040-AB8A792253D8",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Download of Code Without Integrity Check vulnerability in Apache Doris.\nThe jdbc driver files used for JDBC catalog is not checked and may\u00a0resulting in remote command execution.\nOnce the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This\u00a0code snippet will be run when catalog is initializing without any check.\nThis issue affects Apache Doris: from 1.2.0 through 2.0.4.\n\nUsers are recommended to upgrade to version 2.0.5 or 2.1.x, which fixes the issue."
},
{
"lang": "es",
"value": "Descarga de C\u00f3digo Sin Integridad Check vulnerabilidad en Apache Doris. Los archivos del controlador jdbc utilizados para el cat\u00e1logo JDBC no est\u00e1n verificados y pueden provocar la ejecuci\u00f3n remota de comandos. Una vez que el atacante est\u00e1 autorizado a crear un cat\u00e1logo JDBC, puede utilizar un archivo jar de controlador arbitrario con un fragmento de c\u00f3digo no verificado. Este fragmento de c\u00f3digo se ejecutar\u00e1 cuando el cat\u00e1logo se inicialice sin ninguna verificaci\u00f3n. Este problema afecta a Apache Doris: desde 1.2.0 hasta 2.0.4. Se recomienda a los usuarios actualizar a la versi\u00f3n 2.0.5 o 2.1.x, que soluciona el problema."
}
],
"id": "CVE-2024-27438",
"lastModified": "2025-06-17T13:50:01.197",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-03-21T10:15:08.370",
"references": [
{
"source": "security@apache.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/21/1"
},
{
"source": "security@apache.org",
"tags": [
"Mitigation"
],
"url": "https://lists.apache.org/thread/h95h82b0svlnwcg6c2xq4b08j6gwgczh"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/21/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation"
],
"url": "https://lists.apache.org/thread/h95h82b0svlnwcg6c2xq4b08j6gwgczh"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-494"
}
],
"source": "security@apache.org",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-26307
Vulnerability from fkie_nvd - Published: 2024-03-21 10:15 - Updated: 2025-06-17 13:50
Severity ?
Summary
Possible race condition vulnerability in Apache Doris.
Some of code using `chmod()` method. This method run the risk of someone renaming the file out from under user and chmodding the wrong file.
This could theoretically happen, but the impact would be minimal.
This issue affects Apache Doris: before 1.2.8, before 2.0.4.
Users are recommended to upgrade to version 2.0.4, which fixes the issue.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B75564F-3C9C-452E-BD4C-6A9C706EE8B5",
"versionEndExcluding": "1.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7296FBE-665A-464B-8A52-5ED73CEA5D6A",
"versionEndExcluding": "2.0.4",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Possible race condition vulnerability in Apache Doris.\nSome of code using `chmod()` method. This method run the risk of someone renaming the file out from under user and chmodding the wrong file.\nThis could theoretically happen, but the impact would be minimal.\nThis issue affects Apache Doris: before 1.2.8, before 2.0.4.\n\nUsers are recommended to upgrade to version 2.0.4, which fixes the issue."
},
{
"lang": "es",
"value": "Posible vulnerabilidad de condici\u00f3n de ejecuci\u00f3n en Apache Doris. Parte del c\u00f3digo que utiliza el m\u00e9todo `chmod()`. Este m\u00e9todo corre el riesgo de que alguien cambie el nombre del archivo por debajo del usuario y modifique el archivo incorrecto. En teor\u00eda, esto podr\u00eda suceder, pero el impacto ser\u00eda m\u00ednimo. Este problema afecta a Apache Doris: antes de 1.2.8, antes de 2.0.4. Se recomienda a los usuarios actualizar a la versi\u00f3n 2.0.4, que soluciona el problema."
}
],
"id": "CVE-2024-26307",
"lastModified": "2025-06-17T13:50:12.777",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-03-21T10:15:07.527",
"references": [
{
"source": "security@apache.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/21/2"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List"
],
"url": "https://lists.apache.org/thread/5shhw8x8m271hd2wfwzqzwgf36pmc4pl"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/21/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.apache.org/thread/5shhw8x8m271hd2wfwzqzwgf36pmc4pl"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "security@apache.org",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-41313
Vulnerability from fkie_nvd - Published: 2024-03-12 11:15 - Updated: 2025-06-30 12:14
Severity ?
Summary
The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.
Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue.
References
| URL | Tags | ||
|---|---|---|---|
| security@apache.org | http://www.openwall.com/lists/oss-security/2024/03/10/2 | Mailing List | |
| security@apache.org | https://lists.apache.org/thread/jqczy3vxzs6q6rz9o0626j5nks9fnv95 | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/03/10/2 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/jqczy3vxzs6q6rz9o0626j5nks9fnv95 | Mailing List, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B75564F-3C9C-452E-BD4C-6A9C706EE8B5",
"versionEndExcluding": "1.2.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.\nUsers are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue."
},
{
"lang": "es",
"value": "El m\u00e9todo de autenticaci\u00f3n en las versiones de Apache Doris anteriores a la 2.0.0 era vulnerable a ataques de sincronizaci\u00f3n. Se recomienda a los usuarios actualizar a la versi\u00f3n 2.0.0 + o 1.2.8, que soluciona este problema."
}
],
"id": "CVE-2023-41313",
"lastModified": "2025-06-30T12:14:35.607",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-03-12T11:15:46.470",
"references": [
{
"source": "security@apache.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/10/2"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread/jqczy3vxzs6q6rz9o0626j5nks9fnv95"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/10/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread/jqczy3vxzs6q6rz9o0626j5nks9fnv95"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-208"
}
],
"source": "security@apache.org",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-41314
Vulnerability from fkie_nvd - Published: 2023-12-18 09:15 - Updated: 2024-11-21 08:21
Severity ?
Summary
The api /api/snapshot and /api/get_log_file would allow unauthenticated access.
It could allow a DoS attack or get arbitrary files from FE node.
Please upgrade to 2.0.3 to fix these issues.
References
| URL | Tags | ||
|---|---|---|---|
| security@apache.org | https://lists.apache.org/thread/tgvpvz3yw7zgodl1sb3sv3jbbz8t5zb4 | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/tgvpvz3yw7zgodl1sb3sv3jbbz8t5zb4 | Mailing List, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE7AFDE-BEB1-4AE9-8655-7019C2EF7DB3",
"versionEndExcluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The api /api/snapshot and /api/get_log_file would allow unauthenticated access.\nIt could allow a\u00a0DoS attack or get arbitrary files from FE node.\nPlease\u00a0upgrade to 2.0.3 to fix these issues."
},
{
"lang": "es",
"value": "La API /api/snapshot y /api/get_log_file permitir\u00edan el acceso no autenticado. Podr\u00eda permitir un ataque DoS u obtener archivos arbitrarios del nodo FE. Actualice a 2.0.3 para solucionar estos problemas."
}
],
"id": "CVE-2023-41314",
"lastModified": "2024-11-21T08:21:03.213",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-18T09:15:05.667",
"references": [
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread/tgvpvz3yw7zgodl1sb3sv3jbbz8t5zb4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread/tgvpvz3yw7zgodl1sb3sv3jbbz8t5zb4"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "security@apache.org",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-23942
Vulnerability from fkie_nvd - Published: 2022-04-26 16:15 - Updated: 2024-11-21 06:49
Severity ?
Summary
Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure.
References
| URL | Tags | ||
|---|---|---|---|
| security@apache.org | http://www.openwall.com/lists/oss-security/2022/04/26/2 | Mailing List, Third Party Advisory | |
| security@apache.org | http://www.openwall.com/lists/oss-security/2022/04/26/3 | Mailing List, Third Party Advisory | |
| security@apache.org | https://lists.apache.org/thread/com2dyzp3bn2rdrotry90q2zzord4tvt | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2022/04/26/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2022/04/26/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/com2dyzp3bn2rdrotry90q2zzord4tvt | Mailing List, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01302B57-ED2A-4C4C-AD61-88D6E25C5268",
"versionEndExcluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure."
},
{
"lang": "es",
"value": "Apache Doris, versiones anteriores a 1.0.0, usaba una clave y un IV embebidos para inicializar el cifrado usado para la contrase\u00f1a de ldap, lo que pod\u00eda conllevar a una revelaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2022-23942",
"lastModified": "2024-11-21T06:49:29.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-26T16:15:47.673",
"references": [
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/2"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/3"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread/com2dyzp3bn2rdrotry90q2zzord4tvt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread/com2dyzp3bn2rdrotry90q2zzord4tvt"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "security@apache.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-48019 (GCVE-0-2024-48019)
Vulnerability from cvelistv5 – Published: 2025-02-04 18:19 – Updated: 2025-02-07 21:20
VLAI?
Title
Apache Doris: allows admin users to read arbitrary files through the REST API
Summary
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Files or Directories Accessible to External Parties vulnerability in Apache Doris.
Application administrators can read arbitrary
files from the server filesystem through path traversal.
Users are recommended to upgrade to version 2.1.8, 3.0.3 or later, which fixes the issue.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Doris |
Affected:
2.1.0 , < 2.1.8
(semver)
Affected: 3.0.0 , < 3.0.3 (semver) |
Credits
Man Yue Mo of the GitHub Security Lab team
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-02-04T19:02:30.852Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/04/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-48019",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T21:18:39.608676Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T21:20:37.526Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Doris",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.1.8",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThan": "3.0.3",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Man Yue Mo of the GitHub Security Lab team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027), Files or Directories Accessible to External Parties vulnerability in Apache Doris.\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eApplication administrators can read arbitrary\nfiles from the server filesystem through path traversal.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.1.8, 3.0.3 or later, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027), Files or Directories Accessible to External Parties vulnerability in Apache Doris.\n\n\nApplication administrators can read arbitrary\nfiles from the server filesystem through path traversal.\n\n\nUsers are recommended to upgrade to version 2.1.8, 3.0.3 or later, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "low"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T18:19:52.467Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/p70klgmyrgknhn0t195261wvwv5jw6hr"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Doris: allows admin users to read arbitrary files through the REST API",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-48019",
"datePublished": "2025-02-04T18:19:52.467Z",
"dateReserved": "2024-10-08T12:27:54.136Z",
"dateUpdated": "2025-02-07T21:20:37.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27438 (GCVE-0-2024-27438)
Vulnerability from cvelistv5 – Published: 2024-03-21 09:39 – Updated: 2025-02-13 17:46
VLAI?
Title
Apache Doris: Downloading arbitrary remote jar files resulting in remote command execution
Summary
Download of Code Without Integrity Check vulnerability in Apache Doris.
The jdbc driver files used for JDBC catalog is not checked and may resulting in remote command execution.
Once the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This code snippet will be run when catalog is initializing without any check.
This issue affects Apache Doris: from 1.2.0 through 2.0.4.
Users are recommended to upgrade to version 2.0.5 or 2.1.x, which fixes the issue.
Severity ?
No CVSS data available.
CWE
- CWE-494 - Download of Code Without Integrity Check
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Doris |
Affected:
1.2.0 , ≤ 2.0.4
(semver)
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:doris:1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "doris",
"vendor": "apache",
"versions": [
{
"lessThanOrEqual": "2.0.4",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-27438",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T17:40:13.729326Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T17:40:16.663Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:34:52.345Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/h95h82b0svlnwcg6c2xq4b08j6gwgczh"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/21/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Doris",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.0.4",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Download of Code Without Integrity Check vulnerability in Apache Doris.\u003cbr\u003eThe jdbc driver files used for JDBC catalog is not checked and may\u0026nbsp;resulting in remote command execution.\u003cbr\u003eOnce the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This\u0026nbsp;code snippet will be run when catalog is initializing without any check.\u003cbr\u003e\u003cp\u003eThis issue affects Apache Doris: from 1.2.0 through 2.0.4.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.0.5 or 2.1.x, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Download of Code Without Integrity Check vulnerability in Apache Doris.\nThe jdbc driver files used for JDBC catalog is not checked and may\u00a0resulting in remote command execution.\nOnce the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This\u00a0code snippet will be run when catalog is initializing without any check.\nThis issue affects Apache Doris: from 1.2.0 through 2.0.4.\n\nUsers are recommended to upgrade to version 2.0.5 or 2.1.x, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494: Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T19:06:49.539Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/h95h82b0svlnwcg6c2xq4b08j6gwgczh"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/21/1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Doris: Downloading arbitrary remote jar files resulting in remote command execution",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-27438",
"datePublished": "2024-03-21T09:39:21.894Z",
"dateReserved": "2024-02-25T14:09:13.555Z",
"dateUpdated": "2025-02-13T17:46:29.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26307 (GCVE-0-2024-26307)
Vulnerability from cvelistv5 – Published: 2024-03-21 09:38 – Updated: 2025-02-13 17:41
VLAI?
Title
Apache Doris: Possible race condition
Summary
Possible race condition vulnerability in Apache Doris.
Some of code using `chmod()` method. This method run the risk of someone renaming the file out from under user and chmodding the wrong file.
This could theoretically happen, but the impact would be minimal.
This issue affects Apache Doris: before 1.2.8, before 2.0.4.
Users are recommended to upgrade to version 2.0.4, which fixes the issue.
Severity ?
No CVSS data available.
CWE
- CWE-362 - Possible race condition
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Doris |
Affected:
0 , < 1.2.8
(semver)
Affected: 0 , < 2.0.4 (semver) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:doris:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "doris",
"vendor": "apache",
"versions": [
{
"lessThan": "2.0.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26307",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T19:25:51.953543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:28.523Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:07:19.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/5shhw8x8m271hd2wfwzqzwgf36pmc4pl"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/21/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Doris",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.2.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2.0.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Possible race condition vulnerability in Apache Doris.\u003cbr\u003eSome of code using `chmod()` method. This method \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003erun the risk of someone renaming the file out from under user and chmodding the wrong file.\u003cbr\u003eThis could theoretically happen, but the impact would be minimal.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache Doris: before 1.2.8, before 2.0.4.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.0.4, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Possible race condition vulnerability in Apache Doris.\nSome of code using `chmod()` method. This method run the risk of someone renaming the file out from under user and chmodding the wrong file.\nThis could theoretically happen, but the impact would be minimal.\nThis issue affects Apache Doris: before 1.2.8, before 2.0.4.\n\nUsers are recommended to upgrade to version 2.0.4, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "low"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362: Possible race condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T17:09:11.430Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/5shhw8x8m271hd2wfwzqzwgf36pmc4pl"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/21/2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Doris: Possible race condition",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-26307",
"datePublished": "2024-03-21T09:38:19.368Z",
"dateReserved": "2024-02-17T01:50:01.548Z",
"dateUpdated": "2025-02-13T17:41:13.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41313 (GCVE-0-2023-41313)
Vulnerability from cvelistv5 – Published: 2024-03-12 10:16 – Updated: 2025-02-13 17:09
VLAI?
Title
Apache Doris: Timing Attack weakness
Summary
The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.
Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue.
Severity ?
No CVSS data available.
CWE
- CWE-208 - Observable Timing Discrepancy
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Doris |
Affected:
0 , < 1.2.8
(semver)
|
Credits
Andrea Cosentino from Apache Software Foundation
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:54:05.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/jqczy3vxzs6q6rz9o0626j5nks9fnv95"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/10/2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "doris",
"vendor": "apache",
"versions": [
{
"lessThan": "1.2.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-41313",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T17:21:35.184184Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T17:24:41.124Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Doris",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.2.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Andrea Cosentino from Apache Software Foundation"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.\u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUsers are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue.\u003c/span\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.\nUsers are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208: Observable Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:07:54.553Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/jqczy3vxzs6q6rz9o0626j5nks9fnv95"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/10/2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache Doris: Timing Attack weakness",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-41313",
"datePublished": "2024-03-12T10:16:23.638Z",
"dateReserved": "2023-08-28T15:45:59.249Z",
"dateUpdated": "2025-02-13T17:09:00.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41314 (GCVE-0-2023-41314)
Vulnerability from cvelistv5 – Published: 2023-12-18 08:27 – Updated: 2024-11-20 18:11
VLAI?
Title
Apache Doris: Missing API authentication allowed DoS
Summary
The api /api/snapshot and /api/get_log_file would allow unauthenticated access.
It could allow a DoS attack or get arbitrary files from FE node.
Please upgrade to 2.0.3 to fix these issues.
Severity ?
No CVSS data available.
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Doris |
Affected:
1.2.0 , ≤ 2.0.3
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:54:05.185Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/tgvpvz3yw7zgodl1sb3sv3jbbz8t5zb4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41314",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-05T16:52:48.590571Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T18:11:21.234Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Doris",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.0.3",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The api /api/snapshot and /api/get_log_file would allow unauthenticated access.\u003cbr\u003eIt could allow a\u0026nbsp;DoS attack or get arbitrary files from FE node.\u003cbr\u003ePlease\u0026nbsp;upgrade to 2.0.3 to fix these issues."
}
],
"value": "The api /api/snapshot and /api/get_log_file would allow unauthenticated access.\nIt could allow a\u00a0DoS attack or get arbitrary files from FE node.\nPlease\u00a0upgrade to 2.0.3 to fix these issues."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T08:27:51.999Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/tgvpvz3yw7zgodl1sb3sv3jbbz8t5zb4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Doris: Missing API authentication allowed DoS",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-41314",
"datePublished": "2023-12-18T08:27:51.999Z",
"dateReserved": "2023-08-28T15:52:14.092Z",
"dateUpdated": "2024-11-20T18:11:21.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23942 (GCVE-0-2022-23942)
Vulnerability from cvelistv5 – Published: 2022-04-26 16:05 – Updated: 2024-08-03 03:59
VLAI?
Title
Apache Doris hardcoded cryptography initialization
Summary
Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure.
Severity ?
No CVSS data available.
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Doris(Incubating) |
Affected:
0.15.0
|
Credits
We would like to thanks to Dwi Siswanto<me@dw1.io> for the report of this issue
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:59:23.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/com2dyzp3bn2rdrotry90q2zzord4tvt"
},
{
"name": "[oss-security] 20220426 CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/2"
},
{
"name": "[oss-security] 20220426 [morningman@....com: CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Doris(Incubating)",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "0.15.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "We would like to thanks to Dwi Siswanto\u003cme@dw1.io\u003e for the report of this issue"
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure."
}
],
"metrics": [
{
"other": {
"content": {
"other": "moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T02:06:08",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/com2dyzp3bn2rdrotry90q2zzord4tvt"
},
{
"name": "[oss-security] 20220426 CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/2"
},
{
"name": "[oss-security] 20220426 [morningman@....com: CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Doris hardcoded cryptography initialization",
"workarounds": [
{
"lang": "en",
"value": "Upgrade to 1.0.0 or higher will resolve this problem."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-23942",
"STATE": "PUBLIC",
"TITLE": "Apache Doris hardcoded cryptography initialization"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Doris(Incubating)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.15.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "We would like to thanks to Dwi Siswanto\u003cme@dw1.io\u003e for the report of this issue"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798 Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/com2dyzp3bn2rdrotry90q2zzord4tvt",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/com2dyzp3bn2rdrotry90q2zzord4tvt"
},
{
"name": "[oss-security] 20220426 CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/2"
},
{
"name": "[oss-security] 20220426 [morningman@....com: CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization]",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/3"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Upgrade to 1.0.0 or higher will resolve this problem."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-23942",
"datePublished": "2022-04-26T16:05:10",
"dateReserved": "2022-01-25T00:00:00",
"dateUpdated": "2024-08-03T03:59:23.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-48019 (GCVE-0-2024-48019)
Vulnerability from nvd – Published: 2025-02-04 18:19 – Updated: 2025-02-07 21:20
VLAI?
Title
Apache Doris: allows admin users to read arbitrary files through the REST API
Summary
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Files or Directories Accessible to External Parties vulnerability in Apache Doris.
Application administrators can read arbitrary
files from the server filesystem through path traversal.
Users are recommended to upgrade to version 2.1.8, 3.0.3 or later, which fixes the issue.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Doris |
Affected:
2.1.0 , < 2.1.8
(semver)
Affected: 3.0.0 , < 3.0.3 (semver) |
Credits
Man Yue Mo of the GitHub Security Lab team
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-02-04T19:02:30.852Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/04/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-48019",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T21:18:39.608676Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T21:20:37.526Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Doris",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.1.8",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThan": "3.0.3",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Man Yue Mo of the GitHub Security Lab team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027), Files or Directories Accessible to External Parties vulnerability in Apache Doris.\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eApplication administrators can read arbitrary\nfiles from the server filesystem through path traversal.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.1.8, 3.0.3 or later, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027), Files or Directories Accessible to External Parties vulnerability in Apache Doris.\n\n\nApplication administrators can read arbitrary\nfiles from the server filesystem through path traversal.\n\n\nUsers are recommended to upgrade to version 2.1.8, 3.0.3 or later, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "low"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T18:19:52.467Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/p70klgmyrgknhn0t195261wvwv5jw6hr"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Doris: allows admin users to read arbitrary files through the REST API",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-48019",
"datePublished": "2025-02-04T18:19:52.467Z",
"dateReserved": "2024-10-08T12:27:54.136Z",
"dateUpdated": "2025-02-07T21:20:37.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27438 (GCVE-0-2024-27438)
Vulnerability from nvd – Published: 2024-03-21 09:39 – Updated: 2025-02-13 17:46
VLAI?
Title
Apache Doris: Downloading arbitrary remote jar files resulting in remote command execution
Summary
Download of Code Without Integrity Check vulnerability in Apache Doris.
The jdbc driver files used for JDBC catalog is not checked and may resulting in remote command execution.
Once the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This code snippet will be run when catalog is initializing without any check.
This issue affects Apache Doris: from 1.2.0 through 2.0.4.
Users are recommended to upgrade to version 2.0.5 or 2.1.x, which fixes the issue.
Severity ?
No CVSS data available.
CWE
- CWE-494 - Download of Code Without Integrity Check
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Doris |
Affected:
1.2.0 , ≤ 2.0.4
(semver)
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:doris:1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "doris",
"vendor": "apache",
"versions": [
{
"lessThanOrEqual": "2.0.4",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-27438",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T17:40:13.729326Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T17:40:16.663Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:34:52.345Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/h95h82b0svlnwcg6c2xq4b08j6gwgczh"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/21/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Doris",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.0.4",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Download of Code Without Integrity Check vulnerability in Apache Doris.\u003cbr\u003eThe jdbc driver files used for JDBC catalog is not checked and may\u0026nbsp;resulting in remote command execution.\u003cbr\u003eOnce the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This\u0026nbsp;code snippet will be run when catalog is initializing without any check.\u003cbr\u003e\u003cp\u003eThis issue affects Apache Doris: from 1.2.0 through 2.0.4.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.0.5 or 2.1.x, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Download of Code Without Integrity Check vulnerability in Apache Doris.\nThe jdbc driver files used for JDBC catalog is not checked and may\u00a0resulting in remote command execution.\nOnce the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This\u00a0code snippet will be run when catalog is initializing without any check.\nThis issue affects Apache Doris: from 1.2.0 through 2.0.4.\n\nUsers are recommended to upgrade to version 2.0.5 or 2.1.x, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494: Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T19:06:49.539Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/h95h82b0svlnwcg6c2xq4b08j6gwgczh"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/21/1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Doris: Downloading arbitrary remote jar files resulting in remote command execution",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-27438",
"datePublished": "2024-03-21T09:39:21.894Z",
"dateReserved": "2024-02-25T14:09:13.555Z",
"dateUpdated": "2025-02-13T17:46:29.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26307 (GCVE-0-2024-26307)
Vulnerability from nvd – Published: 2024-03-21 09:38 – Updated: 2025-02-13 17:41
VLAI?
Title
Apache Doris: Possible race condition
Summary
Possible race condition vulnerability in Apache Doris.
Some of code using `chmod()` method. This method run the risk of someone renaming the file out from under user and chmodding the wrong file.
This could theoretically happen, but the impact would be minimal.
This issue affects Apache Doris: before 1.2.8, before 2.0.4.
Users are recommended to upgrade to version 2.0.4, which fixes the issue.
Severity ?
No CVSS data available.
CWE
- CWE-362 - Possible race condition
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Doris |
Affected:
0 , < 1.2.8
(semver)
Affected: 0 , < 2.0.4 (semver) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:doris:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "doris",
"vendor": "apache",
"versions": [
{
"lessThan": "2.0.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26307",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T19:25:51.953543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:28.523Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:07:19.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/5shhw8x8m271hd2wfwzqzwgf36pmc4pl"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/21/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Doris",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.2.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2.0.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Possible race condition vulnerability in Apache Doris.\u003cbr\u003eSome of code using `chmod()` method. This method \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003erun the risk of someone renaming the file out from under user and chmodding the wrong file.\u003cbr\u003eThis could theoretically happen, but the impact would be minimal.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache Doris: before 1.2.8, before 2.0.4.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.0.4, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Possible race condition vulnerability in Apache Doris.\nSome of code using `chmod()` method. This method run the risk of someone renaming the file out from under user and chmodding the wrong file.\nThis could theoretically happen, but the impact would be minimal.\nThis issue affects Apache Doris: before 1.2.8, before 2.0.4.\n\nUsers are recommended to upgrade to version 2.0.4, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "low"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362: Possible race condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T17:09:11.430Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/5shhw8x8m271hd2wfwzqzwgf36pmc4pl"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/21/2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Doris: Possible race condition",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-26307",
"datePublished": "2024-03-21T09:38:19.368Z",
"dateReserved": "2024-02-17T01:50:01.548Z",
"dateUpdated": "2025-02-13T17:41:13.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41313 (GCVE-0-2023-41313)
Vulnerability from nvd – Published: 2024-03-12 10:16 – Updated: 2025-02-13 17:09
VLAI?
Title
Apache Doris: Timing Attack weakness
Summary
The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.
Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue.
Severity ?
No CVSS data available.
CWE
- CWE-208 - Observable Timing Discrepancy
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Doris |
Affected:
0 , < 1.2.8
(semver)
|
Credits
Andrea Cosentino from Apache Software Foundation
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:54:05.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/jqczy3vxzs6q6rz9o0626j5nks9fnv95"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/10/2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "doris",
"vendor": "apache",
"versions": [
{
"lessThan": "1.2.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-41313",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T17:21:35.184184Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T17:24:41.124Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Doris",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.2.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Andrea Cosentino from Apache Software Foundation"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.\u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUsers are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue.\u003c/span\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.\nUsers are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208: Observable Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:07:54.553Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/jqczy3vxzs6q6rz9o0626j5nks9fnv95"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/10/2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache Doris: Timing Attack weakness",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-41313",
"datePublished": "2024-03-12T10:16:23.638Z",
"dateReserved": "2023-08-28T15:45:59.249Z",
"dateUpdated": "2025-02-13T17:09:00.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41314 (GCVE-0-2023-41314)
Vulnerability from nvd – Published: 2023-12-18 08:27 – Updated: 2024-11-20 18:11
VLAI?
Title
Apache Doris: Missing API authentication allowed DoS
Summary
The api /api/snapshot and /api/get_log_file would allow unauthenticated access.
It could allow a DoS attack or get arbitrary files from FE node.
Please upgrade to 2.0.3 to fix these issues.
Severity ?
No CVSS data available.
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Doris |
Affected:
1.2.0 , ≤ 2.0.3
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:54:05.185Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/tgvpvz3yw7zgodl1sb3sv3jbbz8t5zb4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41314",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-05T16:52:48.590571Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T18:11:21.234Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Doris",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.0.3",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The api /api/snapshot and /api/get_log_file would allow unauthenticated access.\u003cbr\u003eIt could allow a\u0026nbsp;DoS attack or get arbitrary files from FE node.\u003cbr\u003ePlease\u0026nbsp;upgrade to 2.0.3 to fix these issues."
}
],
"value": "The api /api/snapshot and /api/get_log_file would allow unauthenticated access.\nIt could allow a\u00a0DoS attack or get arbitrary files from FE node.\nPlease\u00a0upgrade to 2.0.3 to fix these issues."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T08:27:51.999Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/tgvpvz3yw7zgodl1sb3sv3jbbz8t5zb4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Doris: Missing API authentication allowed DoS",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-41314",
"datePublished": "2023-12-18T08:27:51.999Z",
"dateReserved": "2023-08-28T15:52:14.092Z",
"dateUpdated": "2024-11-20T18:11:21.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23942 (GCVE-0-2022-23942)
Vulnerability from nvd – Published: 2022-04-26 16:05 – Updated: 2024-08-03 03:59
VLAI?
Title
Apache Doris hardcoded cryptography initialization
Summary
Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure.
Severity ?
No CVSS data available.
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Doris(Incubating) |
Affected:
0.15.0
|
Credits
We would like to thanks to Dwi Siswanto<me@dw1.io> for the report of this issue
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:59:23.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/com2dyzp3bn2rdrotry90q2zzord4tvt"
},
{
"name": "[oss-security] 20220426 CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/2"
},
{
"name": "[oss-security] 20220426 [morningman@....com: CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Doris(Incubating)",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "0.15.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "We would like to thanks to Dwi Siswanto\u003cme@dw1.io\u003e for the report of this issue"
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure."
}
],
"metrics": [
{
"other": {
"content": {
"other": "moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T02:06:08",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/com2dyzp3bn2rdrotry90q2zzord4tvt"
},
{
"name": "[oss-security] 20220426 CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/2"
},
{
"name": "[oss-security] 20220426 [morningman@....com: CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Doris hardcoded cryptography initialization",
"workarounds": [
{
"lang": "en",
"value": "Upgrade to 1.0.0 or higher will resolve this problem."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-23942",
"STATE": "PUBLIC",
"TITLE": "Apache Doris hardcoded cryptography initialization"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Doris(Incubating)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.15.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "We would like to thanks to Dwi Siswanto\u003cme@dw1.io\u003e for the report of this issue"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798 Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/com2dyzp3bn2rdrotry90q2zzord4tvt",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/com2dyzp3bn2rdrotry90q2zzord4tvt"
},
{
"name": "[oss-security] 20220426 CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/2"
},
{
"name": "[oss-security] 20220426 [morningman@....com: CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization]",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/04/26/3"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Upgrade to 1.0.0 or higher will resolve this problem."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-23942",
"datePublished": "2022-04-26T16:05:10",
"dateReserved": "2022-01-25T00:00:00",
"dateUpdated": "2024-08-03T03:59:23.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}