Auth bypass in Apache Pulsar

CVE-2023-31007

Improper Authentication vulnerability in Apache Software Foundation Apache Pulsar Broker allows a client to stay connected to a broker after authentication data expires if the client connected through the Pulsar Proxy when the broker is co…

Vulnerability class: Broken Authentication

EPSS: 0.007 (49.3th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References