The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.
Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue.
CVSS
No CVSS.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2024-03-12T10:16:23.638Z
Updated: 2024-03-12T10:16:23.638Z
Reserved: 2023-08-28T15:45:59.249Z
Link: CVE-2023-41313
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-03-12T11:15:46.470
Modified: 2024-05-01T18:15:10.040
Link: CVE-2023-41313
JSON object: View
Redhat Information
No data.
CWE