Identity Leakage in Apache NiFi Cluster Environment
CVE-2017-5635 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user.
Learn more about our Cis Benchmark Audit For Apache Http Server.