In Apache Storm 0.10.0 up to and including 0.10.2, 1.0.0 up to and including 1.0.6, 1.1.0 up to and including 1.1.2, and 1.2.0 up to and including 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache storm |