1.5.0

CVSS 4.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

apache

CWE-552

NVD

Published: 2024-08-02

Updated: 2024-08-16

Summary

In Apache Linkis <= 1.5.0, Arbitrary file deletion in Basic management services on A user with an administrator account could delete any file accessible by the Linkis system user . Users are recommended to upgrade to version 1.6.0, which fixes this issue.

Vulnerable Configurations

Part	Description	Count
Application	Apache Apache Linkis 1.4.0 Apache Linkis 1.5.0	2

Common Weakness Enumeration (CWE)

CWE-552 - Files or Directories Accessible to External Parties

References

https://lists.apache.org/thread/2of1p433h8rbq2bx525rtftnk19oz38h