🔴 《严重安全漏洞:CVE-2026-58319》

CVSS 评分: 严重(9.1)  状态: Analyzed  发布时间: 2026-07-14


漏洞描述

Certain Apache Doris FE HTTP REST administrative APIs were accessible without proper authentication. An unauthenticated attacker with network access to the FE HTTP service could perform unauthorized administrative operations, potentially affecting cluster integrity and availability and leading to cluster instability or denial of service.

This issue affects Apache Doris versions prior to 3.1.0. Users are advised to upgrade to Apache Doris 3.1.0 or later.


🔍 技术细节

字段
CVE ID CVE-2026-58319
CVSS 评分 9.1 🔴
严重程度 严重
CVSS 向量 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CWE 分类 CWE-306
发布时间 2026-07-14
最后更新 2026-07-14
状态 Analyzed
数据来源 security@apache.org

🔗 参考链接