Apache Ozone Vulnerabilities
Apache Apache Ozone vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Improper Authentication in Apache Ozone 1.4.0 Allows Revoking and Regenerating S3 Secrets
CVE-2024-45106ApacheApache OzoneImproper Authentication Vulnerability in Apache Ozone
CVE-2023-39196ApacheApache Ozone5.3MEDIUMMissing authentication/authorization on internal RPC endpoints
CVE-2021-39231ApacheApache Ozone9.1CRITICALUnauthenticated access to Ozone Recon HTTP endpoints
CVE-2021-41532ApacheApache Ozone5.3MEDIUMOwners of the S3 tokens are not validated
CVE-2021-39236ApacheApache Ozone8.8HIGHAccess mode of block tokens are not enforced
CVE-2021-39235ApacheApache Ozone6.5MEDIUMRaw block data can be read bypassing ACL/authorization
CVE-2021-39234ApacheApache Ozone6.8MEDIUMContainer-related datanode operations can be called without authorization
CVE-2021-39233ApacheApache Ozone9.1CRITICALMissing admin check for SCM related admin commands
CVE-2021-39232ApacheApache Ozone8.8HIGHOriginal block tokens are persisted and can be retrieved
CVE-2021-36372ApacheApache Ozone9.8CRITICALOzone S3 Gateway allows bucket and key access to non authenticated users
CVE-2020-17517ApacheApache Ozone7.5HIGH
3 December 2024
7 February 2024
19 November 2021
27 April 2021
No more vulnerabilities to load.