In Apache Ozone prior to 1.2.0, Recon HTTP endpoints provide access to OM, SCM and Datanode metadata. Due to a bug, any unauthenticated user can access the data from these endpoints.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache ozone |