CNNVD-202510-358 Information

CNNVD ID

CNNVD-202510-358

Related CVE

CVE-2025-61733

• CNNVD Published: 2025-10-02

Description (Chinese)

Apache Kylin是美国阿帕奇（Apache）基金会的一款开源的分布式分析型数据仓库。该产品主要提供Hadoop/Spark之上的SQL查询接口及多维分析（OLAP）等功能。 Apache Kylin 4.0.0版本至5.0.2版本存在安全漏洞，该漏洞源于使用替代路径或通道绕过身份验证。

Description (English)

Apache Kylin is an open source, distributed and analytical data warehouse for the Apache Foundation in the United States. The product provides, inter alia, SQL query interfaces and multi-dimensional analysis (OLAPs) on Hadoop/Spark. There is a security gap between Appache Kylin Versions 4.0.0 to 5.0.2, which stems from the use of alternative pathways or channels to bypass identification.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

阿帕奇

Published

2025-10-02

Last Modified

2026-02-24

References

https://lists.apache.org/thread/8wmcffly6gp50nmfw8j4w3hlmv843yo0

Patch

https://kylin.apache.org/