Vulnerabilities > CVE-2024-31411 - Unspecified vulnerability in Apache Streampipes

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

apache

NVD

Published: 2024-07-17

Updated: 2024-11-21

Summary

Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such a dangerous type might be an executable file that may lead to a remote code execution (RCE). The unrestricted upload is only possible for authenticated and authorized users. This issue affects Apache StreamPipes: through 0.93.0. Users are recommended to upgrade to version 0.95.0, which fixes the issue.

Vulnerable Configurations

Part	Description	Count
Application	Apache Apache Streampipes 0.55.1 Apache Streampipes 0.55.2 Apache Streampipes 0.60.0 Apache Streampipes 0.60.1 Apache Streampipes 0.61.0 Apache Streampipes 0.62.0 Apache Streampipes 0.63.0 Apache Streampipes 0.64.0 Apache Streampipes 0.65.0 Apache Streampipes 0.66.0 Apache Streampipes 0.67.0 Apache Streampipes 0.68.0 Apache Streampipes 0.69.0 Apache Streampipes 0.70.0 Apache Streampipes 0.90.0 Apache Streampipes 0.91.0 Apache Streampipes 0.92.0 Apache Streampipes 0.93.0	18

Summary

Vulnerable Configurations

References