CVE-2023-37544HIGHCVSS 7.5≥ 2.8.0, ≤ 2.8.*·≥ 2.9.0, ≤ 2.9.*+3 more2023-12-20
CVE-2023-37544 [HIGH] CWE-287 CVE-2023-37544: Improper Authentication vulnerability in Apache Pulsar WebSocket Proxy allows an attacker to connect
Improper Authentication vulnerability in Apache Pulsar WebSocket Proxy allows an attacker to connect to the /pingpong endpoint without authentication.
This issue affects Apache Pulsar WebSocket Proxy: from 2.8.0 through 2.8.*, from 2.9.0 through 2.9.*, from 2.10.0 through 2.10.4, from 2.11.0 through 2.11.1, 3.0.0.
The known risks include a denial of
cvelistv5nvd