CVE Daily

CVE-2024-41169

The attacker can use the raft server protocol in an unauthenticated way. The att...

High CVSS 7.5

Overview

The attacker can use the raft server protocol in an unauthenticated way. The attacker can see the server's resources, including directories and files.

This issue affects Apache Zeppelin: from 0.10.1 up to 0.12.0.

Users are recommended to upgrade to version 0.12.0,Β which fixes the issue by removing the Cluster Interpreter.

CWE: CWE-664 Published: 2025-07-12T17:15:20.817
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.5 (HIGH)
  • Detected tags: apache (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags