CVE-2026-58319 in Dorisinfo

Summary

by MITRE • 07/14/2026

Certain Apache Doris FE HTTP REST administrative APIs were accessible without proper authentication. An unauthenticated attacker with network access to the FE HTTP service could perform unauthorized administrative operations, potentially affecting cluster integrity and availability and leading to cluster instability or denial of service.

This issue affects Apache Doris versions prior to 3.1.0. Users are advised to upgrade to Apache Doris 3.1.0 or later.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/14/2026

The vulnerability described represents a critical authentication bypass flaw in Apache Doris FE (Frontend) HTTP REST administrative interfaces that exposes sensitive operational capabilities to unauthenticated attackers. This weakness fundamentally undermines the security posture of affected systems by allowing malicious actors to execute administrative functions without proper credential verification, creating a pathway for unauthorized system manipulation and potential compromise of cluster integrity.

The technical nature of this vulnerability stems from insufficient authentication mechanisms within the FE HTTP service endpoints that handle administrative operations. According to CWE-287, this falls under improper authentication weaknesses where the system fails to properly verify user identities before granting access to privileged functions. The flaw enables attackers to perform unauthorized administrative operations through network access alone, without requiring valid credentials or proper authorization tokens.

From an operational impact perspective, this vulnerability creates significant risk to cluster stability and availability. Attackers can exploit these unprotected endpoints to manipulate cluster configurations, execute destructive commands, or perform operations that could lead to system instability and denial of service conditions. The potential for unauthorized administrative access means that attackers could compromise data integrity, disrupt services, or even gain complete control over the affected Apache Doris cluster through the exposed REST API interfaces.

The vulnerability aligns with ATT&CK technique T1078.004 which covers valid accounts and credential access through unauthorized access to administrative interfaces. This authentication bypass allows adversaries to operate within the system using elevated privileges without detection, as the compromised endpoints would not require additional authentication steps that could trigger security monitoring systems.

Organizations utilizing Apache Doris versions prior to 3.1.0 face substantial risk from this vulnerability, making immediate remediation essential. The recommended mitigation strategy involves upgrading to Apache Doris version 3.1.0 or later, which includes proper authentication enforcement for all administrative REST endpoints. System administrators should also implement network-level restrictions and monitoring of FE HTTP service access to detect potential exploitation attempts while awaiting the upgrade process.

Security teams should conduct comprehensive assessments of their Apache Doris deployments to identify all affected instances and ensure proper patching across all environments. The vulnerability demonstrates the critical importance of maintaining up-to-date security controls for database management systems, particularly those handling sensitive operational data and providing administrative interfaces accessible over network protocols.

Disclosure

07/14/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

medium

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!