← back
CVE-2018-11799

CVE-2018-11799

EPSS 1.5%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
19 Dec 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results workflows running in other user's name.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →