{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "2.0.0" }, { "introduced": "0" }, { "last_affected": "2.1.0" }, { "introduced": "0" }, { "last_affected": "2.2.0" }, { "introduced": "0" }, { "last_affected": "2.3.0" }, { "introduced": "0" }, { "last_affected": "2.3.1" }, { "introduced": "0" }, { "last_affected": "2.3.2" }, { "introduced": "0" }, { "last_affected": "2.4.0" }, { "introduced": "0" }, { "last_affected": "2.4.1" }, { "introduced": "0" }, { "last_affected": "2.5.0" }, { "introduced": "0" }, { "last_affected": "2.5.1" }, { "introduced": "0" }, { "last_affected": "2.5.2" }, { "introduced": "0" }, { "last_affected": "2.6.0" }, { "introduced": "0" }, { "last_affected": "2.6.1" }, { "introduced": "0" }, { "last_affected": "2.6.2" }, { "introduced": "0" }, { "last_affected": "2.6.3" }, { "introduced": "0" }, { "last_affected": "2.6.4" }, { "introduced": "0" }, { "last_affected": "2.6.5" }, { "introduced": "0" }, { "last_affected": "2.6.6" }, { "introduced": "0" }, { "last_affected": "3.0.0-NA" }, { "introduced": "0" }, { "last_affected": "3.0.0-alpha" }, { "introduced": "0" }, { "last_affected": "3.0.0-alpha2" }, { "introduced": "0" }, { "last_affected": "3.0.0-beta" }, { "introduced": "0" }, { "last_affected": "3.0.1" }, { "introduced": "0" }, { "last_affected": "3.0.2" }, { "introduced": "0" }, { "last_affected": "3.1.0" }, { "introduced": "0" }, { "last_affected": "4.0.0-alpha" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "375fd807c281d8c5deff0620747c806be2019782" }, { "introduced": "0" }, { "last_affected": "562dd173aaf6b398be8e053f896755b3afe8137f" }, { "introduced": "0" }, { "last_affected": "850c0a6a3b9296d26121f9986701bb191921b1bf" }, { "introduced": "0" }, { "last_affected": "1179ee72d0a2a2c629a649751ef43ae9e82dc87a" }, { "introduced": "0" }, { "last_affected": "928cc1628c546efe7ec348c467f5d26607c8d7e6" }, { "introduced": "0" }, { "last_affected": "8247ffc2d8a8a20381575389ffb3834d784ad4ce" }, { "introduced": "0" }, { "last_affected": "b450cc52f976ddafba7c6625d2440670af94332b" }, { "introduced": "0" }, { "last_affected": "5606c32e236b4443ca81eb15a575c46b87e3868c" }, { "introduced": "0" }, { "last_affected": "158f8768debe99746c66e516e4596707a476d7d6" }, { "introduced": "0" }, { "last_affected": "24e2452309a450ec4ef62339b003343eabe23016" }, { "introduced": "0" }, { "last_affected": "0e519d859e217fbfadd534313376e532d2c647fa" }, { "introduced": "0" }, { "last_affected": "8737bc1f555a2789a67462c8f8420b6ab3be97ce" }, { "introduced": "0" }, { "last_affected": "270cfe68ecc94c66141b29e2ccf20b9ec25e23dd" }, { "introduced": "0" }, { "last_affected": "c507ae29fa64bc7234efd6a002dcfe990969ad35" }, { "introduced": "0" }, { "last_affected": "0d5f85b0a40c301134122de927204a0d17ad65fa" }, { "introduced": "0" }, { "last_affected": "97505df25a1c9223fe650b00343722a7cee78ffb" }, { "introduced": "0" }, { "last_affected": "73d42edec5f6492b3d3ffc222c26dce4bdfe7263" }, { "introduced": "0" }, { "last_affected": "ddd5f8ecd4157b8f889b047e421dd9cfae7e1142" }, { "introduced": "0" }, { "last_affected": "c75242a9b55fd57a3a58d92a2dfa9f21cfe4eebc" }, { "introduced": "0" }, { "last_affected": "8872e28de06b05b11a423f32ff62a5d00ed84813" }, { "introduced": "0" }, { "last_affected": "c11034fbff25eb298617980f48b300314af471d4" }, { "introduced": "0" }, { "last_affected": "9d523862f29920292ab195b31c231f2f57f18594" }, { "introduced": "0" }, { "last_affected": "818c21cc9c2a995a58d85497a8649ebcf11a975c" }, { "introduced": "0" }, { "last_affected": "57090efe4bdc079ccfde4f9c8729d69ba3a90624" }, { "introduced": "0" }, { "last_affected": "2e056748bf61ef89d421735bb7be41f4266d7b94" }, { "introduced": "0" }, { "last_affected": "a285f9a5b84affc36c5466ce5a1b2fcdb4348b37" } ], "repo": "https://github.com/apache/kylin", "type": "GIT" } ] } ], "details": "Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 4.0.0-alpha has one restful api which exposed Kylin's configuration information without any authentication, so it is dangerous because some confidential information entries will be disclosed to everyone.", "id": "CVE-2020-13937", "modified": "2026-03-13T21:51:27.504036565Z", "published": "2020-10-19T21:15:12.623Z", "references": [ { "type": "ADVISORY", "url": "https://lists.apache.org/thread.html/rc592e0dcee5a2615f1d9522af30ef1822c1f863d5e05e7da9d1e57f4%40%3Cuser.kylin.apache.org%3E" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "type": "CVSS_V3" } ] }