Privilege Escalation Vulnerability Affects Apache Linkis Versions Below 1.5.0

CVE-2024-27181

Currently unrated 🤨

Key Information

Vendor
Apache
Status
Apache Linkis Basic Management Services
Vendor
CVE Published:
2 August 2024

Summary

In Apache Linkis <= 1.5.0,

Privilege Escalation in Basic management services where the attacking user is

a trusted account

allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue.

Affected Version(s)

Apache Linkis Basic management services < 1.6.0

References

Timeline

  • Vulnerability published

Collectors

NVD DatabaseMitre Database

Credit

superx
.