Vulnerabilities > CVE-2023-33247 - Unspecified vulnerability in Talend Data Catalog 7.320210930
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
Talend Data Catalog remote harvesting server before 8.0-20230413 contains a /upgrade endpoint that allows an unauthenticated WAR file to be deployed on the server. (A mitigation is that the remote harvesting server should be behind a firewall that only allows access to the Talend Data Catalog server.)
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |