Arbitrary File Deletion Vulnerability in Apache Linkis Before 1.6.0
CVE-2024-27182
4.9MEDIUM
Summary
In Apache Linkis <= 1.5.0,
Arbitrary file deletion in Basic management services on
A user with an administrator account could delete any file accessible by the Linkis system user
. Users are recommended to upgrade to version 1.6.0, which fixes this issue.
References
CVSS V3.1
Score:
4.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Collectors
NVD Database