CPE-653998E6-8B44-45A9-845B-4EA4B1973ED6 Detail

CPE Details

YugabyteDB 2.6.1

Vendor

yugabyte

Product

yugabytedb

Version

2.6.1

Created

2022-08-16
10h55 +00:00

Modified

2022-08-16
12h42 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:yugabyte:yugabytedb:2.6.1:::::::*

Informations

Vendor

yugabyte

Product

yugabytedb

Version

2.6.1

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-6001	2023-11-07 23h25 +00:00	Prometheus metrics are available without authentication. These expose detailed and sensitive information about the YugabyteDB Anywhere environment.	7.5	High
CVE-2023-4640	2023-08-30 16h42 +00:00	The controller responsible for setting the logging level does not include any authorization checks to ensure the user is authenticated. This can be seen by noting that it extends Controller rather than AuthenticatedController and includes no further checks. This issue affects YugabyteDB Anywhere: from 2.0.0 through 2.17.3	7.5	High
CVE-2022-37397	2022-08-12 16h01 +00:00	An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Directory. When anonymous or unauthenticated LDAP binding is enabled, it allows bypass of authentication with an empty password.	9.8	Critical

YugabyteDB 2.6.1

CPE Details

CPE Name: cpe:2.3:a:yugabyte:yugabytedb:2.6.1:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:yugabyte:yugabytedb:2.6.1:::::::*