User Impersonation Vulnerability in Apache Oozie 3.1.3-incubating to 5.0.0

User Impersonation Vulnerability in Apache Oozie 3.1.3-incubating to 5.0.0

CVE-2018-11799 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results workflows running in other user's name.

Learn more about our Cis Benchmark Audit For Apache Http Server.