Privilege Escalation Vulnerability Affects Apache Linkis Versions Below 1.5.0
CVE-2024-27181

Currently unrated

Key Information:

Vendor: Apache
Status: Apache Linkis Basic Management Services
Vendor: CVE Published:; 2 August 2024

Summary

In Apache Linkis <= 1.5.0,

Privilege Escalation in Basic management services where the attacking user is

a trusted account

allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue.

Affected Version(s)

Apache Linkis Basic management services 1.3.2 < 1.6.0

References

https://lists.apache.org/thread/hosd73l7hxb3rpt5rb0yg0ld1...

vendor-advisory

Timeline

Vulnerability published
Aug 2, 2024

Credit

superx

.