CVE-2023-48396

Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in the application, an attacker can forge any token to log in any user. Attacker can get secret key in /seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token. This issue affects Apache SeaTunnel: 1.0.0. Users are recommended to upgrade to version 1.0.1, which fixes the issue.

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://www.openwall.com/lists/oss-security/2024/07/30/1	Mailing List Third Party Advisory
https://lists.apache.org/thread/1tdxfjksx0vb9gtyt77wlr6rdcy1qwmw	Mailing List Vendor Advisory
http://www.openwall.com/lists/oss-security/2024/07/30/1	Mailing List Third Party Advisory
https://lists.apache.org/thread/1tdxfjksx0vb9gtyt77wlr6rdcy1qwmw	Mailing List Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:seatunnel:1.0.0:*:*:*:*:*:*:*

History

10 Jul 2025, 18:49

Type	Values Removed	Values Added
First Time		Apache Apache seatunnel
References	~~() http://www.openwall.com/lists/oss-security/2024/07/30/1 -~~	() http://www.openwall.com/lists/oss-security/2024/07/30/1 - Mailing List, Third Party Advisory
References	~~() https://lists.apache.org/thread/1tdxfjksx0vb9gtyt77wlr6rdcy1qwmw -~~	() https://lists.apache.org/thread/1tdxfjksx0vb9gtyt77wlr6rdcy1qwmw - Mailing List, Vendor Advisory
CPE		cpe:2.3:a:apache:seatunnel:1.0.0:::::::*

Information

Published : 2024-07-30 09:15

Updated : 2025-07-10 18:49

NVD link : CVE-2023-48396

Mitre link : CVE-2023-48396

CVE.ORG link : CVE-2023-48396

JSON object : View

Products Affected

apache

seatunnel

CWE

CWE-290

Authentication Bypass by Spoofing

{"id": "CVE-2023-48396", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2024-07-30T09:15:02.540", "references": [{"url": "http://www.openwall.com/lists/oss-security/2024/07/30/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread/1tdxfjksx0vb9gtyt77wlr6rdcy1qwmw", "tags": ["Mailing List", "Vendor Advisory"], "source": "security@apache.org"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/30/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.apache.org/thread/1tdxfjksx0vb9gtyt77wlr6rdcy1qwmw", "tags": ["Mailing List", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@apache.org", "description": [{"lang": "en", "value": "CWE-290"}]}], "descriptions": [{"lang": "en", "value": "Web Authentication vulnerability in Apache SeaTunnel.\u00a0Since the jwt key is hardcoded in the application, an attacker can forge\nany token to log in any user.\n\nAttacker can get\u00a0secret key in\u00a0/seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token.\nThis issue affects Apache SeaTunnel: 1.0.0.\n\nUsers are recommended to upgrade to version 1.0.1, which fixes the issue."}, {"lang": "es", "value": " Vulnerabilidad de autenticaci\u00f3n web en Apache SeaTunnel. Dado que la clave jwt est\u00e1 codificada en la aplicaci\u00f3n, un atacante puede falsificar cualquier token para iniciar sesi\u00f3n en cualquier usuario. El atacante puede obtener la clave secreta en /seatunnel-server/seatunnel-app/src/main/resources/application.yml y luego crear un token. Este problema afecta a Apache SeaTunnel: 1.0.0. Se recomienda a los usuarios actualizar a la versi\u00f3n 1.0.1, que soluciona el problema."}], "lastModified": "2025-07-10T18:49:05.210", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:seatunnel:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2275FCE7-D9F5-4541-8193-85423472BC64"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}