2 matches found
CVE-2021-41532
In Apache Ozone before 1.2.0, Recon HTTP endpoints provide access to OM, SCM and Datanode metadata. Due to a bug, any unauthenticated user can access the data from these endpoints...
PT-2021-23321 · Apache · Apache Ozone
Name of the Vulnerable Software and Affected Versions: Apache Ozone versions prior to 1.2.0 Description: The issue allows any unauthenticated user to access metadata from Recon HTTP endpoints, which provide access to OM, SCM, and Datanode metadata, due to a bug. Recommendations: For versions prio...