Apache Knox is vulnerable to privilege escalation due to a flaw in how authentication is handled for WebHDFS requests made through Knox. The flaw allows an authenticated user to impersonate another user and potentially access unauthorized data or escalate privileges. Attack attempts are logged and can be traced back to the authenticated user.
mail-archives.apache.org/mod_mbox/knox-user/201705.mbox/%3CCACRbFyjtT7QQGHUzTRdbJoySbJb7tt4BDk5-r-VRn0GB0Kgvag%40mail.gmail.com%3E
www.securityfocus.com/bid/98739
issues.apache.org/jira/browse/KNOX-906
lists.apache.org/thread.html/rcd6bcbcc08840d4e4bea661efe9a5ef8f6126ebbbc5bc266701d8f48@%3Cdev.logging.apache.org%3E