PT-2024-21716 · Apache · Apache Linkis
Superx
·
Published
2024-08-02
·
Updated
2024-08-02
·
CVE-2024-27181
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Apache Linkis versions 1.5.0 and earlier
Description
The issue allows a trusted account to escalate privileges in Basic management services, gaining access to Linkis's Token information.
Recommendations
For Apache Linkis versions 1.5.0 and earlier, upgrade to version 1.6.0 to resolve the issue.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Linkis