CVE-2017-5635
CVE-2017-5635
In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user.
Affected products
Apache Software Foundation · Apache NiFiWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →