CVE-2020-1952

Summary

An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely.

Affected Software

VendorProductVersion RangeStatus
ApacheIoTDB0.9.0 to 0.9.1affected
ApacheIoTDB0.8.0 to 0.8.2affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References