Vulnerabilities > CVE-2024-30471 - Unspecified vulnerability in Apache Streampipes

CVSS 3.7 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

high complexity

apache

NVD

Published: 2024-07-17

Updated: 2024-11-21

Summary

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache StreamPipes in user self-registration. This allows an attacker to potentially request the creation of multiple accounts with the same email address until the email address is registered, creating many identical users and corrupting StreamPipe's user management. This issue affects Apache StreamPipes: through 0.93.0. Users are recommended to upgrade to version 0.95.0, which fixes the issue.

Vulnerable Configurations

Part	Description	Count
Application	Apache Apache Streampipes 0.55.1 Apache Streampipes 0.55.2 Apache Streampipes 0.60.0 Apache Streampipes 0.60.1 Apache Streampipes 0.61.0 Apache Streampipes 0.62.0 Apache Streampipes 0.63.0 Apache Streampipes 0.64.0 Apache Streampipes 0.65.0 Apache Streampipes 0.66.0 Apache Streampipes 0.67.0 Apache Streampipes 0.68.0 Apache Streampipes 0.69.0 Apache Streampipes 0.70.0 Apache Streampipes 0.90.0 Apache Streampipes 0.91.0 Apache Streampipes 0.92.0 Apache Streampipes 0.93.0	18

Summary

Vulnerable Configurations

References