Lucene search
K

4 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/05/07 7:59 p.m.62 views

Security Bulletin: Common Vulnerabilities in Cloudera Data Platform Private Cloud Base 7.1.9.

Summary Common vulnerabilities reported in Cloudera Data Platform Private Cloud Base 7.1.9 have been addressed, and are available in Hotfix 2. Vulnerability Details CVEID:CVE-2015-1772 DESCRIPTION: Apache Hive could allow a remote attacker to bypass security restrictions, caused by an error in th...

9CVSS9.9AI score0.53861EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/11 7:52 p.m.23 views

Security Bulletin: Apache Hadoop could allow a remote attacker to obtain sensitive information that could affect IBM Streams.

Summary In Apache Hadoop versions 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, 2.8.0 to 2.8.5, any users can access some servlets without authentication when Kerberos authentication is enabled and SPNEGO through HTTP is not enabled. Please see more details below. Vulnerability Details CVEID:...

7.5CVSS1AI score0.05207EPSS
Exploits0Affected Software1
CVE
CVE
added 2020/09/30 5:2 p.m.102 views

CVE-2018-11765

CVE-2018-11765 – Hadoop web-UI auth bypass (CONCRETE DETAILS) Affected software: Apache Hadoop 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, and 2.8.0 to 2.8.5. The vulnerability arises in the web interfaces when Kerberos authentication is enabled and SPNEGO over HTTP is not enabled. What is affected: a...

7.5CVSS7.6AI score0.05207EPSS
Exploits0References12Affected Software1
RedhatCVE
RedhatCVE
added 2020/09/29 3:50 p.m.29 views

CVE-2018-11765

In Apache Hadoop versions 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, 2.8.0 to 2.8.5, any users can access some servlets without authentication when Kerberos authentication is enabled and SPNEGO through HTTP is not enabled. Mitigation Users should upgrade to Apache Hadoop 2.10.0, 3.0.1 or upper. If it...

7.5CVSS1.8AI score0.05207EPSS
Exploits0References4
Rows per page
Query Builder