In Apache Ozone before 1.2.0, Authenticated users with valid Ozone S3 credentials can create specific OM requests, impersonating any other user.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2021-11-19T09:20:25
Updated: 2024-08-04T02:06:40.807Z
Reserved: 2021-08-17T00:00:00
Link: CVE-2021-39236
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-11-19T10:15:08.347
Modified: 2024-11-21T06:18:58.837
Link: CVE-2021-39236
Redhat
No data.