Apache Software Foundation Apache Linkis Basic Management Services vulnerabilities
2 known vulnerabilities affecting apache_software_foundation/apache_linkis_basic_management_services.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-27181HIGHCVSS 8.8≥ 1.3.2, < 1.6.02024-08-02
CVE-2024-27181 [HIGH] CWE-269 CVE-2024-27181: In Apache Linkis <= 1.5.0,
Privilege Escalation in Basic management services where the attacking us
In Apache Linkis <= 1.5.0,
Privilege Escalation in Basic management services where the attacking user is
a trusted account
allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue.
cvelistv5nvd
CVE-2024-27182MEDIUMCVSS 4.9≥ 1.3.2, < 1.6.02024-08-02
CVE-2024-27182 [MEDIUM] CWE-552 CVE-2024-27182: In Apache Linkis <= 1.5.0,
Arbitrary file deletion in Basic management services on
A user with an
In Apache Linkis <= 1.5.0,
Arbitrary file deletion in Basic management services on
A user with an administrator account could delete any file accessible by the Linkis system user
.
Users are recommended to upgrade to version 1.6.0, which fixes this issue.
cvelistv5nvd