Files or Directories Accessible to External Parties
CVE-2024-27182
Summary
In Apache Linkis versions 1.3.2 through 1.5.0, Arbitrary file deletion in Basic management services. A user with an administrator account can delete any file accessible by the Linkis system user.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- HIGH
- NONE
- NONE
CWE-552 - Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.
References
Advisory Timeline
- Published
