CVE-2023-37579MEDIUMCVSS 6.5fixed in 2.10.4ยทv2.11.02023-07-12
CVE-2023-37579 [HIGH] CWE-863 CVE-2023-37579: Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Function Worker.
Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Function Worker.
This issue affects Apache Pulsar: before 2.10.4, and 2.11.0.
Any authenticated user can retrieve a source's configuration or a sink's configuration without authorization. Many sources and sinks contain credentials in the configuration, which could lead t
cvelistv5nvd