CVE-2017-7667

Summary

Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache NiFi0.0.1 to 0.7.3affected
Apache Software FoundationApache NiFi1.0.0 to 1.2.0affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References