ID CVE-2017-3166
Summary In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YARN's localization mechanism, that file will be stored in a world-readable location and can be shared freely with any application that requests to localize that file.
Vulnerable Configurations
Base: None
Last major update 13-11-2017 - 09:29
Published 13-11-2017 - 09:29
Last modified 13-11-2017 - 09:29
Back to Top