CVE-2020-1952: Improper Certificate Validation in Apache IoTDB

Severity: Critical

CVSS Score: 9.8

An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely.