Описание
Improper Access Control in Apache Hadoop
In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service.
Пакеты
Наименование
org.apache.hadoop:hadoop-common
maven
Затронутые версииВерсия исправления
>= 2.6.0, <= 2.6.4
2.6.5
Наименование
org.apache.hadoop:hadoop-common
maven
Затронутые версииВерсия исправления
>= 2.7.0, <= 2.7.2
2.7.3
Связанные уязвимости
CVSS3: 8.8
nvd
около 9 лет назад
In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service.
CVSS3: 8.8
debian
около 9 лет назад
In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote u ...