The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 up to and including 0.20.205.0, 0.23.x prior to 0.23.2, and 1.0.x prior to 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin prior to 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache hadoop 0.20.203.0 |
||
apache hadoop 0.20.204.0 |
||
apache hadoop 0.20.205.0 |
||
apache hadoop 0.23.1 |
||
apache hadoop 1.0.0 |
||
apache hadoop 0.23.0 |
||
apache hadoop 1.0.1 |
||
cloudera hadoop 0.20.1\\+169 |
||
cloudera hadoop 0.20.2\\+923 |
||
cloudera cloudera cdh cdh3 |
||
cloudera hadoop 0.20-sbin |