CVE-2021-39233
published 2021-11-19CVE-2021-39233: In Apache Ozone versions prior to 1.2.0, Container related Datanode requests of Ozone Datanode were not properly authorized and can be called by any client.
critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
In Apache Ozone versions prior to 1.2.0, Container related Datanode requests of Ozone Datanode were not properly authorized and can be called by any client.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | ozone | < 1.2.0 | 1.2.0 |
| apache_software_foundation | apache_ozone | 1.1 – 1.1 | — |