8.8
CVSSv3

CVE-2018-8029

Published: 30/05/2019 Updated: 07/11/2023
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

In Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache hadoop 3.0.0

apache hadoop 2.9.0

apache hadoop

apache hadoop 2.9.1

Mailing Lists

<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> CVE-2018-8029: Apache Hadoop Privilege escalation vulnerability <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: A ...