cvedb.io
CVE-2023-31469
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2023-06-23T08:15:09.220 · Last modified 2026-06-17T05:57:02.003

Summary

A REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.0) was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles. The issue is resolved by upgrading to StreamPipes 0.92.0.

Affected products

apache — streampipes

Does this affect you?

Add your gear to cvedb and we'll alert you only when apache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.