Lucene search

Improper Privilege Management in Apache Hadoop

🗓️ 09 Feb 2022 22:38:17Reported by GitHub Advisory DatabaseType

Improper Privilege Management in Apache Hadoop version 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 28
Cvelist	CVE-2020-9492	26 Jan 202112:55	–	cvelist
NVD	CVE-2020-9492	26 Jan 202118:16	–	nvd
CNVD	Unspecified Vulnerability in Apache Hadoop	3 Feb 202100:00	–	cnvd
IBM Security Bulletins	Security Bulletin: A vulnerability in IBM Spectrum Scale could allow an authenticated user to gain elevated privileges (CVE-2020-9492)	19 Jul 202111:45	–	ibm
IBM Security Bulletins	Security Bulletin: An Apache Hadoop vulnerability could affect InfoSphere Streams.	19 Apr 202119:01	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache Hadoop affects watsonx.data	5 Sep 202418:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in hadoop-hdfs-2.7.3.jar affect IBM Application Performance Management products	7 Sep 202306:46	–	ibm
IBM Security Bulletins	Security Bulletin: openSSL and Apache Hadoop vulnerability impacting Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, Aspera Desktop Client, Aspera On Demand (CVE-2020-1971, CVE-2020-9492)	3 Aug 202118:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs	27 Apr 202310:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Spark affecting IBM QRadar User Behavior Analytics	18 Oct 202213:20	–	ibm

Vulners

Node

org.apache.hadoop hadoop-commonRange3.0.0–3.1.4

org.apache.hadoop hadoop-commonRange3.2.0–3.2.2

org.apache.hadoop hadoop-commonRange2.0.0–2.10.1

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-9492
github	www.github.com/apache/hadoop/commit/ca65409836d2949e9a9408d40bec0177b414cd5d
lists	www.lists.apache.org/thread.html/r0a534f1cde7555f7208e9f9b791c1ab396d215eaaef283b3a9153429@%3Ccommits.druid.apache.org%3E
lists	www.lists.apache.org/thread.html/r513758942356ccd0d14538ba18a09903fc72716d74be1cb727ea91ff%40%3Cgeneral.hadoop.apache.org%3E
lists	www.lists.apache.org/thread.html/r79323adac584edab99fd5e4b52a013844b784a5d4b600da0662b33d6@%3Ccommits.druid.apache.org%3E
lists	www.lists.apache.org/thread.html/r941e9be04efe0f455d20aeac88516c0848decd7e7b1d93d5687060f4@%3Ccommits.druid.apache.org%3E
lists	www.lists.apache.org/thread.html/rc0057ebf32b646ab47f7f5744a8948332e015c39044cbb9d87ea76cd@%3Ccommits.druid.apache.org%3E
lists	www.lists.apache.org/thread.html/rca4516b00b55b347905df45e5d0432186248223f30497db87aba8710@%3Cannounce.apache.org%3E
security	www.security.netapp.com/advisory/ntap-20210304-0001/
lists	www.lists.apache.org/thread.html/r6341f2a468ced8872a71997aa1786ce036242413484f0fa68dc9ca02@%3Cissues.solr.apache.org%3E

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Feb 2022 22:17Current

8.9High risk

Vulners AI Score8.9

CVSS26.5

CVSS38.8

EPSS0.00115