121 matches found
Design/Logic Flaw
In Apache Ozone versions prior to 1.2.0, Various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone manager and modify Ratis replication configuration...
Code injection
In Apache Ozone before 1.2.0, Recon HTTP endpoints provide access to OM, SCM and Datanode metadata. Due to a bug, any unauthenticated user can access the data from these endpoints...
Design/Logic Flaw
In Apache Ozone versions prior to 1.2.0, certain admin related SCM commands can be executed by any authenticated users, not just by admins...
Code injection
In Apache Ozone before 1.2.0, Ozone Datanode doesn't check the access mode parameter of the block token. Authenticated users with valid READ block token can do any write operation on the same block...
Code injection
In Apache Ozone before 1.2.0, Authenticated users with valid Ozone S3 credentials can create specific OM requests, impersonating any other user...
Design/Logic Flaw
In Apache Ozone versions prior to 1.2.0, Container related Datanode requests of Ozone Datanode were not properly authorized and can be called by any client...
Design/Logic Flaw
In Apache Ozone versions prior to 1.2.0, Authenticated users knowing the ID of an existing block can craft specific request allowing access those blocks, bypassing other security checks like ACL...
CVE-2021-41532
Apache Ozone prior to 1.2.0 has an access-control flaw: Recon HTTP endpoints expose OM, SCM and Datanode metadata to unauthenticated users due to a bug. Affected component is Recon HTTP endpoints in Ozone; root cause is insufficient access controls allowing data exposure. Impact is exposure of me...
CVE-2021-39236
Apache Ozone (before 1.2.0) is affected. Authenticated users with valid Ozone S3 credentials can create specific OM requests and impersonate other users due to non-validation/inadequate protection of Ozone S3 tokens. Exploitation details are described across multiple sources (including CVE-2021-3...
CVE-2021-39236 Owners of the S3 tokens are not validated
In Apache Ozone before 1.2.0, Authenticated users with valid Ozone S3 credentials can create specific OM requests, impersonating any other user...
CVE-2021-39235 Access mode of block tokens are not enforced
In Apache Ozone before 1.2.0, Ozone Datanode doesn't check the access mode parameter of the block token. Authenticated users with valid READ block token can do any write operation on the same block...
CVE-2021-39234 Raw block data can be read bypassing ACL/authorization
In Apache Ozone versions prior to 1.2.0, Authenticated users knowing the ID of an existing block can craft specific request allowing access those blocks, bypassing other security checks like ACL...
CVE-2021-39234
CVE-2021-39234 affects Apache Ozone up to version 1.2.0. The vulnerability allows an authenticated user who knows the ID of an existing block to craft a request that accesses that block, bypassing ACL and other security checks. This is a block-access control error in the Ozone identity/authorizat...
CVE-2021-39233 Container-related datanode operations can be called without authorization
In Apache Ozone versions prior to 1.2.0, Container related Datanode requests of Ozone Datanode were not properly authorized and can be called by any client...
CVE-2021-39233
In Apache Ozone, versions prior to 1.2.0 expose a security issue where Container related Datanode requests are not properly authorized and can be invoked by any client. The vulnerability impacts confidentiality and integrity, with CVSS up to 9.1 (CRITICAL) in the 3.1 vector, but no exploitation d...
CVE-2021-39232 Missing admin check for SCM related admin commands
In Apache Ozone versions prior to 1.2.0, certain admin related SCM commands can be executed by any authenticated users, not just by admins...
CVE-2021-39232
Apache Ozone (versions prior to 1.2.0) is affected by an authorization issue where certain admin SCM commands can be executed by any authenticated user, effectively an authorization bypass. The vulnerability is described across multiple sources (NVD, Red Hat, OSV, GHSA, CNVD, Veracode) with the c...
CVE-2021-39231 Missing authentication/authorization on internal RPC endpoints
In Apache Ozone versions prior to 1.2.0, Various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone manager and modify Ratis replication configuration...
CVE-2021-39231
CVE-2021-39231 affects Apache Ozone
CVE-2021-36372 Original block tokens are persisted and can be retrieved
In Apache Ozone versions prior to 1.2.0, Initially generated block tokens are persisted to the metadata database and can be retrieved with authenticated users with permission to the key. Authenticated users may use them even after access is revoked...