Описание
Incorrect Authorization in Apache Ozone
In Apache Ozone versions prior to 1.2.0, Container related Datanode requests of Ozone Datanode were not properly authorized and can be called by any client.
Пакеты
Наименование
org.apache.ozone:ozone-main
maven
Затронутые версииВерсия исправления
< 1.2.0
1.2.0
Связанные уязвимости
CVSS3: 9.1
nvd
около 4 лет назад
In Apache Ozone versions prior to 1.2.0, Container related Datanode requests of Ozone Datanode were not properly authorized and can be called by any client.