CVE-2012-1574
Published Apr 12, 2012
Last updated 8 years ago
Overview
- Description
- The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-310
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:hadoop:0.20.203.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "370F1E87-2870-49DA-9501-39327A0D9550"
},
{
"criteria": "cpe:2.3:a:apache:hadoop:0.20.204.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D7386E8A-6F60-4A24-97CE-D6A58A6E9C5A"
},
{
"criteria": "cpe:2.3:a:apache:hadoop:0.20.205.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A57AD46-043A-410A-9A2A-53982641CC54"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:hadoop:0.23.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "029481B4-F0BC-4C44-B5DB-4AE66AE92334"
},
{
"criteria": "cpe:2.3:a:apache:hadoop:0.23.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "501DBE03-139A-46E9-BFD5-B7D8245AD2C7"
},
{
"criteria": "cpe:2.3:a:apache:hadoop:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CCC82E5C-775B-4BB0-AE38-6CF546CD6A4F"
},
{
"criteria": "cpe:2.3:a:apache:hadoop:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA4A72DC-B207-4013-ADED-BDEEE3940486"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudera:cloudera_cdh:cdh3:0:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD622153-2A32-4721-B942-3102BA0002C1"
},
{
"criteria": "cpe:2.3:a:cloudera:cloudera_cdh:cdh3:1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0650B19A-5285-4799-877D-BCA5889158B4"
},
{
"criteria": "cpe:2.3:a:cloudera:cloudera_cdh:cdh3:2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D4259A1-CAF6-456B-A366-F8D223263097"
},
{
"criteria": "cpe:2.3:a:cloudera:hadoop:0.20-sbin:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B15492C-3EAC-481B-BAAE-258F2B5C76AE"
},
{
"criteria": "cpe:2.3:a:cloudera:hadoop:0.20.1\\+169:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F414B5A4-050E-46A0-BBAF-7716EE5DE5C5"
},
{
"criteria": "cpe:2.3:a:cloudera:hadoop:0.20.2\\+923:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A2829B7-70D8-4A65-B8A1-BC6DFA21F20A"
}
],
"operator": "OR"
}
]
}
]