CVE-2018-11799
published 2018-12-19CVE-2018-11799: Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results…
medium6.5CVSS 3.0
AVNACLPRLUINSUCNIHAN
Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results workflows running in other user's name.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | oozie | — | — |
| apache | oozie | >= 3.1.3 < 5.1.0 | 5.1.0 |
| apache_software_foundation | apache_oozie | — | — |