← voltar
CVE-2017-5636

CVE-2017-5636

EPSS 3.6%
In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could impersonate another user and gain their permissions on a replicated request to another node.
Produtos afetados
Apache Software Foundation · Apache NiFi

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://nifi.apache.org/security.html#CVE-2017-5636http://www.securityfocus.com/bid/96731