CVE-2018-11799

Summary

Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results workflows running in other user's name.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache OozieApache Oozie 3.1.3-incubating to 5.0.0affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References