Описание
Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduce job and stores it along with the encryption key in a credentials file on disk when the Intermediate data encryption feature is enabled, which allows local users to obtain sensitive information by reading the file.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apache:hadoop:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:2.6.4:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00065
Низкий
6.2 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 6.2
debian
почти 10 лет назад
Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduc ...
CVSS3: 6.2
github
больше 3 лет назад
Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
EPSS
Процентиль: 21%
0.00065
Низкий
6.2 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-200