A vulnerability was found in Apache Kylin up to 4.x. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation leads to session fixiation.

This vulnerability is known as CVE-2024-23590. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.