Lucene search
ApacheCVELIST:CVE-2021-41532HistoryNov 19, 2021 - 9:20 a.m.
CVE-2021-41532 Unauthenticated access to Ozone Recon HTTP endpoints
2021-11-1909:20:26
CWE-200
apache
www.cve.org
In Apache Ozone before 1.2.0, Recon HTTP endpoints provide access to OM, SCM and Datanode metadata. Due to a bug, any unauthenticated user can access the data from these endpoints.
CNA Affected
[
{
"product": "Apache Ozone",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.1.0",
"status": "affected",
"version": "Everglades (1.1.0)",
"versionType": "custom"
}
]
}
]Related
veracode
veracode
Information Disclosure
2021-11-23 14:30:31
cve
cve
CVE-2021-41532
2021-11-19 10:15:08
cnvd
cnvd
Apache Ozone Access Control Error Vulnerability
2021-11-24 00:00:00
github
github
Apache Ozone exposes OM, SCM and Datanode metadata
2021-11-23 18:17:50
osv
osv
Apache Ozone exposes OM, SCM and Datanode metadata
2021-11-23 18:17:50
CVE-2021-41532
2021-11-19 10:15:08
prion
prion
Code injection
2021-11-19 10:15:00
nvd
nvd
CVE-2021-41532
2021-11-19 10:15:08