CVE-2018-1332

Summary

Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose a vulnerability that could allow a user to impersonate another user when communicating with some Storm Daemons.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache StormApache Storm 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlieraffected

Weaknesses

  • User Impersonation

ADP Enrichment

CVE Program Container

Additional References

References