Apache Hadoop DataNode Missed Validation Vulnerability
HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated. Apache Hadoop versions 2.6.x and earlier are affected. CVE-2017-3162: Apache Hadoop DataNode web UI vulnerability Severity: Important Vendor: The...