Lucene search
Veracode Vulnerability DatabaseVERACODE:33054HistoryNov 22, 2021 - 4:11 p.m.
Authorization Bypass
2021-11-2216:11:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
hadoop-hdds-common
authorization bypass
vulnerability
admin block operations
software
EPSS
0.003
Percentile
69.4%
hadoop-hdds-common is vulnerable to authorization bypass. The library does not properly perform authorization checks, allowing an authenticated attacker to execute admin block operations.
References
www.openwall.com/lists/oss-security/2021/11/19/4
github.com/apache/ozone/commit/355096b9c218a90d01307b7b8782c469300b94bf
github.com/apache/ozone/commit/842e6f6f1002a04eb3dd2c76ef108575f3a751af
github.com/apache/ozone/pull/2186
github.com/apache/ozone/pull/2254
issues.apache.org/jira/browse/HDDS-4729
issues.apache.org/jira/browse/HDDS-5236
mail-archives.apache.org/mod_mbox/ozone-dev/202111.mbox/%3C394a9a73-44dd-b5db-84d8-607c3226eb00%40apache.org%3E
Related
prion
prion
Design/Logic Flaw
2021-11-19 10:15:00
osv
osv
Incorrect Authorization in Apache Ozone
2021-11-23 18:17:59
CVE-2021-39233
2021-11-19 10:15:08
github
github
Incorrect Authorization in Apache Ozone
2021-11-23 18:17:59
cnvd
cnvd
Apache Ozone has unspecified vulnerabilities
2021-11-24 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2021-39233
2021-11-19 10:15:08
cve
cve
CVE-2021-39233
2021-11-19 10:15:08