Описание
Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability
FAQ
What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker who successfully exploited this vulnerability could gain cluster administrator privileges.
What action is required to secure my resources against this vulnerability?
A script action has been made available to assist customers with updating their resources as required which can be found here: CVE-2023-36419 Script Action
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
8.8 High
CVSS3
Связанные уязвимости
Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability
Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability
Уязвимость системы автоматизации процессов обработки данных Apache Oozie службы аналитики данных Azure HDInsight, позволяющая нарушителю повысить свои привилегии
EPSS
8.8 High
CVSS3