CVE-2023-48396 | Apache SeaTunnel Web 1.0.0 application.yml authentication spoofing
A vulnerability was found in Apache SeaTunnel Web 1.0.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /seatunnel-server/seatunnel-app/src/main/resources/application.yml. The manipulation leads to authentication bypass by spoofing.
This vulnerability is known as CVE-2023-48396. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.