CVE-2024-27181

CVE-2024-27181: Apache Linkis Basic management services: Privilege Escalation Attack vulnerability

Vendor Apache Software Foundation

Product Apache Linkis Basic management services

Weakness CWE-269

Published August 2, 2024

Last update August 12, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

In Apache Linkis <= 1.5.0, Privilege Escalation in Basic management services where the attacking user is a trusted account allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue.

Key dates

Disclosure timeline

August 2, 2024 CVE published

August 12, 2024 Record updated