PT-2021-24449 — Apache Apache Nifi

PT-2021-24449 · Apache · Apache Nifi

Published

2021-02-24

Updated

2021-02-24

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions: Apache NIFI versions prior to 0.4.0-RC2

Description: A security issue was discovered in Apache NIFI where passwords for the InvokeHTTP component were not encrypted.

Recommendations: For versions prior to 0.4.0-RC2, update to version 0.4.0-RC2 or later to resolve the issue.

Found an issue in the description? Have something to add? Feel free to write us 👾

GHSA-Q594-2475-8V9F

Apache Nifi