CVE-2021-39236

Improper Authentication in maven/org.apache.ozone/ozone

Identifiers

CVE-2021-39236

Package Slug

maven/org.apache.ozone/ozone

Vulnerability

Improper Authentication

Description

In Apache Ozone, Authenticated users with valid Ozone S3 credentials can create specific OM requests, impersonating any other user.

Affected Versions

All versions before 1.2.0

Solution

Upgrade to version 1.2.0 or above.

Last Modified

2021-11-22

source