Lucene search
K

5 matches found

OSV
OSV
added 2022/10/21 11:4 a.m.3 views

OESA-2022-2016 hadoop security update

Apache Hadoop is a framework that allows for the distributed processing of large data sets across clusters of computers using simple programming models. It is designed to scale up from single servers to thousands of machines, each offering local computation and storage. Security Fixes: In Apache...

9CVSS8.8AI score0.03227EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2022/06/30 6:35 p.m.43 views

CVE-2021-33036

A flaw was found in Hadoop Yarn. This flaw allows an attacker to benefit from permissions, escalate to a yarn user and run arbitrary commands as root...

9CVSS2.7AI score0.03227EPSS
Exploits0References4
OSV
OSV
added 2022/06/15 3:15 p.m.24 views

CVE-2021-33036

In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher...

8.8CVSS9AI score
Exploits0References3
Cvelist
Cvelist
added 2022/06/15 2:25 p.m.18 views

CVE-2021-33036 Apache Hadoop Privilege escalation vulnerability

In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher...

9.2AI score0.03227EPSS
Exploits0References3
CVE
CVE
added 2022/06/15 2:25 p.m.139 views

CVE-2021-33036

CVE-2021-33036 affects Apache Hadoop (versions 2.2.0–2.10.1, 3.0.0–3.1.4, 3.2.0–3.2.2, 3.3.0–3.3.1). The issue arises from improper permission handling that could let an authenticated user who escalates to the yarn user run arbitrary commands with root privileges. The impact is elevated privilege...

9CVSS9AI score0.03227EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder