Lucene search
HistoryAug 02, 2024 - 10:16 a.m.
CVE-2024-27182
apache linkis
arbitrary file deletion
cve-2024-27182
upgrade
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
27.3%
In Apache Linkis <= 1.5.0,
Arbitrary file deletion in Basic management services on
A user with an administrator account could delete any file accessible by the Linkis system user
.
Users are recommended to upgrade to version 1.6.0, which fixes this issue.
Affected configurations
Node
apachelinkisRange1.3.2–1.6.0
Related
veracode
veracode
Arbitrary File Deletion
2024-08-05 04:53:13
osv
osv
Apache Linkis arbitrary file deletion vulnerability
2024-08-02 12:31:43
CVE-2024-27182
2024-08-02 10:16:00
cve
cve
CVE-2024-27182
2024-08-02 10:16:00
vulnrichment
vulnrichment
cvelist
cvelist
github
github
Apache Linkis arbitrary file deletion vulnerability
2024-08-02 12:31:43
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
27.3%
Related for NVD:CVE-2024-27182