In Apache NiFi prior to 0.7.2 and 1.x prior to 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache nifi 0.7.1 |
||
apache nifi 0.7.0 |
||
apache nifi 1.1.1 |
||
apache nifi 1.1.0 |