CVE-2018-1320
Published at:
-
07-01-2019 06:29
Last modified:
-
30-03-2022 04:15
Total changes:
-
6
Description
Common Vulnerability Scoring System (CVSS)
Low
Attack complexity
Network
Attack vector
None
Availability
None
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
7.5
Base score
3.9
3.6
Exploitability score
Impact score
Verification logic
Reference
- https://lists.apache.org/thread.html/da5234b5e78f1c99190407f791dfe1bf6c58de8d30d15974a9669be3@%3Cuser.thrift.apache.org%3E
- 106551-Third Party Advisory, VDB Entry
- [debian-lts-announce] 20190206 [SECURITY] [DLA 1662-1] libthrift-java security update-Mailing List, Third Party Advisory
- [infra-devnull] 20190324 [GitHub] [thrift] luciferous opened pull request #1771: THRIFT-4506: fix use of assert for correctness in Java SASL negotiation-Mailing List, Vendor Advisory
- https://support.f5.com/csp/article/K36361684
- [storm-user] 20190724 [CVE-2018-1320] Apache Storm vulnerable Thrift version-Mailing List, Vendor Advisory
- [storm-dev] 20190724 [CVE-2018-1320] Apache Storm vulnerable Thrift version-Mailing List, Vendor Advisory
- [announce] 20190724 [CVE-2018-1320] Apache Storm vulnerable Thrift version-Mailing List, Vendor Advisory
- [oss-security] 20190724 [CVE-2018-1320] Apache Storm vulnerable Thrift version-Mailing List, Third Party Advisory
- RHSA-2019:2413-Third Party Advisory
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
- [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities-Mailing List, Vendor Advisory
- [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities-Mailing List, Vendor Advisory
- [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities-Mailing List, Vendor Advisory
- [cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15422) CVE-2018-1320(The libthrift component is vulnerable to Improper Access Control) on Cassendra 3.11.4-Mailing List, Vendor Advisory
- [cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control)-Mailing List, Vendor Advisory
- [cassandra-commits] 20191119 [jira] [Updated] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control)-Mailing List, Vendor Advisory
- [cassandra-commits] 20191119 [jira] [Assigned] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control)-Mailing List, Vendor Advisory
- N/A-Third Party Advisory
- [cassandra-commits] 20200604 [jira] [Created] (CASSANDRA-15856) Security vulnerabilities with dependency jars of Cassandra 3.11.6-Mailing List, Vendor Advisory
- [cassandra-commits] 20210323 [jira] [Updated] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control)-Mailing List, Vendor Advisory
- [cassandra-commits] 20210415 [jira] [Updated] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control)-Mailing List, Vendor Advisory
- [cassandra-commits] 20210415 [jira] [Commented] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control)-Mailing List, Vendor Advisory
- [cassandra-commits] 20210415 [jira] [Comment Edited] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control)-Mailing List, Vendor Advisory
- [cassandra-commits] 20210924 [jira] [Updated] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control)-Mailing List, Vendor Advisory
Keywords