In Apache Linkis <= 1.5.0,

Privilege Escalation in Basic management services where the attacking user is

a trusted account

allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 04 Jun 2025 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Apache
Apache linkis
CPEs cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*
Vendors & Products Apache
Apache linkis

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2024-08-12T19:53:28.790Z

Reserved: 2024-02-21T03:03:36.039Z

Link: CVE-2024-27181

cve-icon Vulnrichment

Updated: 2024-08-02T16:03:23.622Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-02T10:15:59.990

Modified: 2025-06-03T21:22:14.223

Link: CVE-2024-27181

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.