CVE-2021-39232
published 2021-11-19CVE-2021-39232: In Apache Ozone versions prior to 1.2.0, certain admin related SCM commands can be executed by any authenticated users, not just by admins.
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
In Apache Ozone versions prior to 1.2.0, certain admin related SCM commands can be executed by any authenticated users, not just by admins.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | ozone | < 1.2.0 | 1.2.0 |
| apache_software_foundation | apache_ozone | 1.0 – 1.0 | — |