Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Apache InLong: Insufficient Session Expiration in InLong
Vulnerability Description
Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. An old session can be used by an attacker even after the user has been deleted or the password has been changed. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 , https://github.com/apache/inlong/pull/7884 https://github.com/apache/inlong/pull/7884 to solve it.
CVSS Information
N/A
Vulnerability Type
不充分的会话过期机制
Vulnerability Title
Apache InLong 代码问题漏洞
Vulnerability Description
Apache InLong是美国阿帕奇(Apache)基金会的一站式的海量数据集成框架。提供自动化、安全、可靠的数据传输能力。 Apache InLong 1.4.0版本至1.6.0版本存在代码问题漏洞,该漏洞源于会话过期判定存在逻辑错误。攻击者利用该漏洞可以使用旧cookie登录账户,访问敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A