CVE-2023-43667

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 16, 2023

Updated: Oct 19, 2023

CWE ID 89

Summary

CVE-2023-43667 is a vulnerability affecting Apache InLong versions 1.4.0 through 1.8.0. An SQL Injection issue puts these versions at risk, allowing attackers to create misleading or false records. This vulnerability makes it difficult to audit and trace malicious activities. To mitigate the risk, users are advised to upgrade to Apache InLong's 1.8.0 or implement the solution suggested in the linked GitHub pull request.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apache Software Foundation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/svy29p
https://www.cve.org/CVERecord?id=CVE-2023-43667
https://nvd.nist.gov/vuln/detail/CVE-2023-43667

Back to Vulnerability Database

CVE-2023-43667

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations