In Apache Ozone versions prior to 1.2.0, Initially generated block tokens are persisted to the metadata database and can be retrieved with authenticated users with permission to the key. Authenticated users may use them even after access is revoked.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2021-11-19T09:20:16

Updated: 2024-08-04T00:54:51.493Z

Reserved: 2021-07-12T00:00:00

Link: CVE-2021-36372

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-11-19T10:15:07.983

Modified: 2024-11-21T06:13:37.693

Link: CVE-2021-36372

cve-icon Redhat

No data.