Description
Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img.
References (1)
Core 1
Core References
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/f7435d66b840daa2a38ad1329d639b70f5a9476e7580ae885d422e86%40%3Cdev.atlas.apache.org%3E
Scores
CVSS v3
7.5
EPSS
0.0102
EPSS Percentile
77.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-284
Status
published
Products (7)
apache/atlas
0.6.0 (3 CPE variants)
apache/atlas
0.7.0 (3 CPE variants)
apache/atlas
0.7.1 (4 CPE variants)
Apache Software Foundation/Apache Atlas
0.6.0-incubating
Apache Software Foundation/Apache Atlas
0.7.0-incubating
Apache Software Foundation/Apache Atlas
0.7.1-incubating
org.apache.atlas/atlas-common
0.6.0-incubating - 0.8-incubatingMaven
Published
Aug 29, 2017
Tracked Since
Feb 18, 2026