Lucene search

K
osvGoogleOSV:GHSA-3W5H-X4RH-HC28
HistoryNov 23, 2021 - 6:18 p.m.

Exposure of sensitive information in Apache Ozone

2021-11-2318:18:25
Google
osv.dev
16
apache ozone
sensitive information
rpc endpoints
datanode
ozone manager
ratis replication configuration
attacker
software

EPSS

0.003

Percentile

69.4%

In Apache Ozone versions prior to 1.2.0, Various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone manager and modify Ratis replication configuration.

EPSS

0.003

Percentile

69.4%

Related for OSV:GHSA-3W5H-X4RH-HC28