Published: 29/01/2016 Updated: 09/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 8.3 | Impact Score: 3.7 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 and 1.2.1, on clusters protected by Ranger and SqlStdHiveAuthorization, allows malicious users to bypass intended parent table access restrictions via unspecified partition-level operations.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache hive 1.1.0
apache hive 1.2.1
apache hive 1.2.0
apache hive 1.0.1
apache hive 1.0.0

Hive UDFs for funnel analysis

Hive Funnel Analysis UDFs Funnel analysis is a method for tracking user conversion rates across actions This enables detection of actions causing high user fallout These Hive UDFs enables funnel analysis to be performed simply and easily on any Hive table Table of Contents Requirements How to build Build JAR Register JAR with Hive How to use funnel funnel_merge funne

CWE-287 http://mail-archives.apache.org/mod_mbox/hive-user/201601.mbox/%3C20160128205008.2154F185EB%40minotaur.apache.org%3E http://www.openwall.com/lists/oss-security/2016/01/28/12 http://packetstormsecurity.com/files/135836/Apache-Hive-Authorization-Bypass.html http://www.securityfocus.com/archive/1/537549/100/0/threaded https://nvd.nist.gov https://github.com/yahoo/hive-funnel-udf

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-7521

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect