The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.
Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue.
Metrics
Affected Vendors & Products
References
History
Thu, 13 Feb 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apache
Apache doris |
|
CPEs | cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:* | |
Vendors & Products |
Apache
Apache doris |
|
Metrics |
ssvc
|
Thu, 13 Feb 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks. Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue. | The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks. Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue. |

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2025-02-13T17:09:00.819Z
Reserved: 2023-08-28T15:45:59.249Z
Link: CVE-2023-41313

Updated: 2024-08-02T18:54:05.087Z

Status : Awaiting Analysis
Published: 2024-03-12T11:15:46.470
Modified: 2025-02-13T17:17:06.707
Link: CVE-2023-41313

No data.