6 matches found
org.apache.nifi:nifi-framework-nar (>=1.1.0 <=1.12.1), org.apache.nifi:nifi-jetty (>=1.1.0 <=1.15.3) +3 more potentially affected by CVE-2024-56512 via org.apache.nifi:nifi-web-api (>=1.10.0 <=2.0.0)
org.apache.nifi:nifi-web-api MAVEN version =1.10.0, =1.1.0, =1.1.0, =1.13.0, =1.11.0, =1.10.0, =2.0.0-M4 Source cves: CVE-2024-56512 Source advisory: OSV:GHSA-MPJ7-7MG7-X95J...
CVE-2024-56512
Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process Groups. Creating a new Process Group can include binding to a Parameter Context, but in cases wher...
CVE-2024-56512
CVE-2024-56512 (Apache NiFi) affects NiFi 1.10.0–2.0.0, where creating a new Process Group omits fine‑grained authorization checks for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers. As a result, authenticated users with permission to create Process Groups ...
CVE-2024-56512 Apache NiFi: Missing Complete Authorization for Parameter and Service References
Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process Groups. Creating a new Process Group can include binding to a Parameter Context, but in cases wher...
CVE-2024-56512 Apache NiFi: Missing Complete Authorization for Parameter and Service References
Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process Groups. Creating a new Process Group can include binding to a Parameter Context, but in cases wher...
CVE-2024-56512
creationtimestamp| type| source ---|---|--- 2024-12-28 06:51:58+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3ledw3yyvwx22 2024-12-28 16:22:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113731368868060448 2024-12-28 17:15:29+00:00| seen|...