CVE-2023-50709

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 13, 2023

Updated: Dec 19, 2023

CWE ID 20

Summary

CVE-2023-50709 affects the Cube semantic layer for data applications, allowing an attacker to make the entire Cube API unavailable by submitting a maliciously crafted request to a Cube API endpoint. This vulnerability, which has been patched in version 0.34.34, can result in service disruption for public-facing Cube APIs. Older versions do not offer a workaround, making an upgrade to the latest version the recommended course of action.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/txTIyp
https://www.cve.org/CVERecord?id=CVE-2023-50709
https://nvd.nist.gov/vuln/detail/CVE-2023-50709

Back to Vulnerability Database

CVE-2023-50709

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations