CVE-2024-36265
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine
CVSS
9.8
Crítico
EPSS
0.7%
p50
KEV
—
Exploit Today
15
0-100
Publicado: 12 jun 2024 · Última mod.: 14 jul 2026 · CWE-863
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: from 0.8.0. An attacker can bypass authentication by sending specially crafted REST requests. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.