Ozone@1.4.0 Security Vulnerabilities and Issues — Ozone@1.4.0 CVE List | Vulners.com

Lucene search

Basic search
Lucene search
Search by product

K

Vulnerabilities

Perimeter Scanner

Branding Guideline

Database
Products
Apache
Ozone
1.4.0

ApacheOzone1.4.0

1 matches found

CVE•added 2024/12/03 10:15 a.m.•54 views

CVE-2024-45106

Improper authentication of an HTTP endpoint in the S3 Gateway of Apache Ozone 1.4.0 allows any authenticated Kerberos user to revoke and regenerate the S3 secrets of any other user. This is only possible if: ozone.s3g.secret.http.enabled is set to true. The default value of this configuration is fa...

8.1CVSS6.6AI score0.00273EPSS

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2025 Vulners Inc