CVE-2023-34463: Unauthorized users can delete applications in DataEase
First published: Mon Jun 26 2023(Updated: )
DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions Unauthorized users can delete an application erroneously. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dataease | <1.18.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-34463?
CVE-2023-34463 is a vulnerability in DataEase, an open source data visualization analysis tool, that allows unauthorized users to delete an application erroneously.
What is the severity of CVE-2023-34463?
CVE-2023-34463 has a severity rating of 8.1, which is considered high.
How can I fix CVE-2023-34463?
To fix CVE-2023-34463, you should upgrade to version 1.18.8 of DataEase.
Where can I find more information about CVE-2023-34463?
You can find more information about CVE-2023-34463 in the official GitHub Security Advisory: https://github.com/dataease/dataease/security/advisories/GHSA-4c4p-qfwq-85fj
What is the CWE ID of CVE-2023-34463?
The CWE ID of CVE-2023-34463 is 862.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/first-publish-date
- agent/author
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dataease
- canonical/dataease