CVE-2018-11767

Published: 21/03/2019 Updated: 07/11/2023

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.4 | Impact Score: 5.2 | Exploitability Score: 2.2

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache hadoop

CVE-2018-11767: Apache Hadoop KMS ACL regression Severity: Severe Vendor: The Apache Hadoop Software Foundation Versions affected: 290 to 291, 283 to 284, 275 to 276 Description: After the security fix for CVE-2017-15713, KMS has an access control regression, blocking users or granting access to users incorrectly, if the system use ...

CWE-269 https://security.netapp.com/advisory/ntap-20190416-0009/https://lists.apache.org/thread.html/5fb771f66946dd5c99a8a5713347c24873846f555d716f9ac17bccca%40%3Cgeneral.hadoop.apache.org%3E https://lists.apache.org/thread.html/246cf223e7dc0c1dff90b78dccb6c3fe94e1a044dbf98e2333393302%40%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/5a44590b4eedc5e25f5bd3081d1631b52c174b5b99157f7950ddc270%40%3Ccommon-dev.hadoop.apache.org%3E https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E https://nvd.nist.gov http://seclists.org/oss-sec/2019/q1/173

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-11767

Vulnerability Summary

Vulnerability Trend

Mailing Lists

References

Vulmon Search

About

Products

Connect