Lucene search
K

6 matches found

vulnersOsv
vulnersOsv
added 2024/12/28 6:30 p.m.10 views

org.apache.nifi:nifi-framework-nar (>=1.1.0 <=1.12.1), org.apache.nifi:nifi-jetty (>=1.1.0 <=1.15.3) +3 more potentially affected by CVE-2024-56512 via org.apache.nifi:nifi-web-api (>=1.10.0 <=2.0.0)

org.apache.nifi:nifi-web-api MAVEN version =1.10.0, =1.1.0, =1.1.0, =1.13.0, =1.11.0, =1.10.0, =2.0.0-M4 Source cves: CVE-2024-56512 Source advisory: OSV:GHSA-MPJ7-7MG7-X95J...

5.4CVSS5.8AI score0.03095EPSS
Exploits0
NVD
NVD
added 2024/12/28 5:15 p.m.23 views

CVE-2024-56512

Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process Groups. Creating a new Process Group can include binding to a Parameter Context, but in cases wher...

5.4CVSS0.03095EPSS
Exploits0References2
CVE
CVE
added 2024/12/28 4:18 p.m.964 views

CVE-2024-56512

CVE-2024-56512 (Apache NiFi) affects NiFi 1.10.0–2.0.0, where creating a new Process Group omits fine‑grained authorization checks for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers. As a result, authenticated users with permission to create Process Groups ...

5.4CVSS6.4AI score0.03095EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/12/28 4:18 p.m.10 views

CVE-2024-56512 Apache NiFi: Missing Complete Authorization for Parameter and Service References

Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process Groups. Creating a new Process Group can include binding to a Parameter Context, but in cases wher...

2.1CVSS6.2AI score0.03095EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/12/28 4:18 p.m.29 views

CVE-2024-56512 Apache NiFi: Missing Complete Authorization for Parameter and Service References

Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process Groups. Creating a new Process Group can include binding to a Parameter Context, but in cases wher...

2.1CVSS0.03095EPSS
Exploits0References1
Circl
Circl
added 2024/12/28 6:51 a.m.10 views

CVE-2024-56512

creationtimestamp| type| source ---|---|--- 2024-12-28 06:51:58+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3ledw3yyvwx22 2024-12-28 16:22:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113731368868060448 2024-12-28 17:15:29+00:00| seen|...

5.4CVSS4.8AI score0.03095EPSS
Exploits0References5
Rows per page
Query Builder