{
  "id": "CVE-2023-33247",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-05-26T20:15:49.360",
  "lastModified": "2023-05-28T02:28:04.970",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "Talend Data Catalog remote harvesting server before 8.0-20230413 contains a /upgrade endpoint that allows an unauthenticated WAR file to be deployed on the server. (A mitigation is that the remote harvesting server should be behind a firewall that only allows access to the Talend Data Catalog server.)"
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://help.talend.com/r/en-US/Talend-Products-CVEs/Talend-Products-CVEs",
      "source": "cve@mitre.org"
    }
  ]
}