hadoop-ozone-ozone-manager is vulnerable to privilege escalation. The library does not check the access mode parameter of the block token, allowing an attacker with a read block token to do write operations.
CPE | Name | Operator | Version |
---|---|---|---|
apache ozone manager server | le | 1.0.0 | |
apache ozone manager server | le | 1.0.0 |