A vulnerability, which was classified as critical, has been found in Apache Zeppelin 0.10.x. Affected by this issue is some unknown functionality of the component Note Handler. The manipulation leads to authentication bypass by spoofing.

This vulnerability is handled as CVE-2024-31863. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.