CVE-2023-31065: Apache InLong: Insufficient Session Expiration in InLong
First published: Mon May 22 2023(Updated: )
Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. An old session can be used by an attacker even after the user has been deleted or the password has been changed. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 , https://github.com/apache/inlong/pull/7884 https://github.com/apache/inlong/pull/7884 to solve it.
Credit: security@apache.org security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache InLong | >=1.4.0<=1.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-31065?
CVE-2023-31065 is an Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.
How does CVE-2023-31065 affect Apache InLong?
CVE-2023-31065 affects Apache InLong versions 1.4.0 through 1.6.0.
What is the severity of CVE-2023-31065?
CVE-2023-31065 has a severity rating of 9.1 (critical).
How can an attacker exploit CVE-2023-31065?
An attacker can use an old session even after the user has been deleted or the password has been changed.
How can I fix CVE-2023-31065?
Users are advised to upgrade to a version of Apache InLong that is not affected by this vulnerability.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/author
- agent/title
- agent/weakness
- agent/severity
- agent/references
- agent/first-publish-date
- agent/description
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/apache
- canonical/apache inlong
- version/apache inlong/1.4.0
- version/apache inlong/1.6.0