CVE-2020-1952
published 2020-04-27CVE-2020-1952: An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | iotdb | — | — |
| apache | iotdb | — | — |
| apache | iotdb | 0.8.0 – 0.8.2 | — |
| apache | iotdb | 0.9.0 – 0.9.1 | — |