CVE-2021-39234

Incorrect Authorization in maven/org.apache.ozone/ozone

Identifiers

CVE-2021-39234

Package Slug

maven/org.apache.ozone/ozone

Vulnerability

Incorrect Authorization

Description

In Apache Ozone, Authenticated users knowing the ID of an existing block can craft specific request allowing access those blocks, bypassing other security checks like ACL.

Affected Versions

All versions before 1.2.0

Solution

Upgrade to version 1.2.0 or above.

Last Modified

2021-11-22

source