Apache nifi is vulnerable to unauthorized data accesses. The vulnerability exists in a cluster environment when an anonymous user request is replicated to another node. The replicated node identity will contain the originating node identity instead of the anonymous user’s identity.
CPE | Name | Operator | Version |
---|---|---|---|
nifi-web-security | le | 0.7.1 | |
nifi-framework-authorization | le | 1.1.1 |