Vulnerabilities > CVE-2023-41314 - Incorrect Authorization vulnerability in Apache Doris
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
HIGH Summary
The api /api/snapshot and /api/get_log_file would allow unauthenticated access. It could allow a DoS attack or get arbitrary files from FE node. Please upgrade to 2.0.3 to fix these issues.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 |