Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2021-91626
HistoryNov 24, 2021 - 12:00 a.m.

Apache Ozone has an unspecified vulnerability (CNVD-2021-91626)

2021-11-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
apache ozone
vulnerability
server-to-server
rpc endpoints
data download
ratis replication configuration
cnvd-2021-91626

EPSS

0.003

Percentile

69.4%

Apache Ozone is an application. A scalable, redundant and distributed object store for Hadoop and cloud-native environments. Apache Ozone version 1.2.0 has a security vulnerability that stems from various internal server-to-server RPC endpoints that can be used to connect, and an attacker can download raw data from Datanode and Ozone Manager and modify the Ratis replication configuration.

EPSS

0.003

Percentile

69.4%