Lucene search

High severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service

🗓️ 21 Nov 2018 22:49:23Reported by GitHub Advisory DatabaseType

High severity vulnerability in Apache Hive authorization framewor

Reporter	Title	Published	Views	Family All 8
Tenable Nessus	FreeBSD : hive -- authorization logic vulnerability (a5c204b5-4153-11e6-8dfe-002590263bf5)	5 Jul 201600:00	–	nessus
OSV	High severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service	21 Nov 201822:23	–	osv
NVD	CVE-2015-7521	29 Jan 201620:59	–	nvd
Cvelist	CVE-2015-7521	29 Jan 201620:00	–	cvelist
FreeBSD	hive -- authorization logic vulnerability	28 Jan 201600:00	–	freebsd
CVE	CVE-2015-7521	29 Jan 201620:59	–	cve
Prion	Authorization	29 Jan 201620:59	–	prion
IBM Security Bulletins	Security Bulletin: Common Vulnerabilities in Cloudera Data Platform Private Cloud Base 7.1.9.	7 May 202419:59	–	ibm

Vulners

Node

org.apache.hive hive\-serviceRange1.0.0–1.2.2

org.apache.hive hive\-execRange1.0.0–1.2.2

org.apache.hive hiveRange1.0.0–1.2.2

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2015-7521
github	www.github.com/advisories/GHSA-83r3-c79w-f6wc
mail-archives	www.mail-archives.apache.org/mod_mbox/hive-user/201601.mbox/%3C20160128205008.2154F185EB%40minotaur.apache.org%3E
packetstormsecurity	www.packetstormsecurity.com/files/135836/Apache-Hive-Authorization-Bypass.html
openwall	www.openwall.com/lists/oss-security/2016/01/28/12
securityfocus	www.securityfocus.com/archive/1/537549/100/0/threaded

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Nov 2018 22:23Current

8High risk

Vulners AI Score8

CVSS27.5

CVSS38.3

EPSS0.00127

CWE-287