8 matches found
EUVD-2024-0531
Malicious code in bioql PyPI...
Improper Authentication
org.apache.ozone ozone-main is vulnerable to Improper Authentication. The vulnerability is due to improper verification for the identity of a user accessing the Storage Container Manager service. This flaw allows an attackers to download internal metadata without the need for proper authenticatio...
GHSA-6726-2RX3-CGWH Apache Ozone Improper Authentication vulnerability
Improper Authentication vulnerability in Apache Ozone. The vulnerability allows an attacker to download metadata internal to the Storage Container Manager service without proper authentication. The attacker is not allowed to do any modification within the Ozone Storage Container Manager service...
CVE-2023-39196
Improper Authentication vulnerability in Apache Ozone. The vulnerability allows an attacker to download metadata internal to the Storage Container Manager service without proper authentication. The attacker is not allowed to do any modification within the Ozone Storage Container Manager service...
Authentication flaw
Improper Authentication vulnerability in Apache Ozone. The vulnerability allows an attacker to download metadata internal to the Storage Container Manager service without proper authentication. The attacker is not allowed to do any modification within the Ozone Storage Container Manager service...
CVE-2023-39196
CVE-2023-39196 describes an improper authentication vulnerability in Apache Ozone (affecting 1.2.0 up to 1.3.0). The issue allows an attacker to download internal metadata from the Storage Container Manager service without authenticating, but does not permit modification or access to actual user ...
CVE-2023-39196 Apache Ozone: Missing mutual TLS authentication in one of the service internal Ozone Storage Container Manager endpoints
Improper Authentication vulnerability in Apache Ozone. The vulnerability allows an attacker to download metadata internal to the Storage Container Manager service without proper authentication. The attacker is not allowed to do any modification within the Ozone Storage Container Manager service...
CVE-2023-39196 Apache Ozone: Missing mutual TLS authentication in one of the service internal Ozone Storage Container Manager endpoints
Improper Authentication vulnerability in Apache Ozone. The vulnerability allows an attacker to download metadata internal to the Storage Container Manager service without proper authentication. The attacker is not allowed to do any modification within the Ozone Storage Container Manager service...