Web endpoint authentication check is broken in Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0. Authenticated users may impersonate any user even if no proxy user is configured.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache hadoop 3.0.0 |