High severityNVD Advisory· Published Aug 2, 2024· Updated Aug 12, 2024
Apache Linkis Basic management services: Privilege Escalation Attack vulnerability
CVE-2024-27181
Description
In Apache Linkis <= 1.5.0,
Privilege Escalation in Basic management services where the attacking user is
a trusted account
allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.linkis:linkisMaven | < 1.6.0 | 1.6.0 |
Affected products
2- Apache Software Foundation/Apache Linkis Basic management servicesv5Range: 1.3.2
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-v352-rg37-5q5mghsaADVISORY
- lists.apache.org/thread/hosd73l7hxb3rpt5rb0yg0ld11zph4c6ghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2024-27181ghsaADVISORY
- www.openwall.com/lists/oss-security/2024/08/02/3ghsaWEB
News mentions
0No linked articles in our index yet.