Vulnerability CVE-2023-41314
Published: 2023-12-18

Description:
The api /api/snapshot and /api/get_log_file would allow unauthenticated access.
It could allow a DoS attack or get arbitrary files from FE node.
Please upgrade to 2.0.3 to fix these issues.

Type:

CWE-863

 (Incorrect Authorization)

 References:
https://lists.apache.org/thread/tgvpvz3yw7zgodl1sb3sv3jbbz8t5zb4
Copyright 2026, cxsecurity.com

 

Back to Top