cvedb.io
CVE-2023-27987
CRITICAL · CVSS 9.1
EPSS exploitation probability: 0%
Published 2023-04-10T08:15:07.180 · Last modified 2026-06-17T05:46:19.280

Summary

In Apache Linkis <=1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules should add random values. We recommend users upgrade the version of Linkis to version 1.3.2 And modify the default token value. You can refer to Token authorization[1] https://linkis.apache.org/docs/latest/auth/token https://linkis.apache.org/docs/latest/auth/token

Affected products

apache — linkis

Does this affect you?

Add your gear to cvedb and we'll alert you only when apache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.