Lucene search
ApacheCVELIST:CVE-2024-27181HistoryAug 02, 2024 - 9:27 a.m.
CVE-2024-27181 Apache Linkis Basic management services: Privilege Escalation Attack vulnerability
2024-08-0209:27:48
CWE-269
apache
www.cve.org
10
apache linkis
privilege escalation
upgrade
EPSS
0
Percentile
9.4%
In Apache Linkis <= 1.5.0,
Privilege Escalation in Basic management services where the attacking user is
a trusted account
allows access to Linkis’s Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue.
CNA Affected
[
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.linkis:linkis-pes-publicservice",
"product": "Apache Linkis Basic management services",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.6.0",
"status": "affected",
"version": "1.3.2",
"versionType": "maven"
}
]
}
]Related
veracode
veracode
Improper Privilege Management
2024-08-05 06:13:19
cve
cve
CVE-2024-27181
2024-08-02 10:15:59
nvd
nvd
CVE-2024-27181
2024-08-02 10:15:59
vulnrichment
vulnrichment
osv
osv
Apache Linkis vulnerable to privilege escalation
2024-08-02 12:31:43
github
github
Apache Linkis vulnerable to privilege escalation
2024-08-02 12:31:43