CVE-2013-6446
Published Mar 23, 2017
Last updated 8 years ago
Overview
- Description
- The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job information by leveraging failure to enforce job ACLs.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 3.1
- Impact score
- 1.4
- Exploitability score
- 1.6
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
- Severity
- LOW
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30715E47-3508-4413-9AF0-F7A5494BD3DB"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12AFC1A8-B5C1-4704-9208-66A7C58AFF66"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D6CA009-5032-4FE5-8BE6-D00C7DFEB162"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C243346-5F50-4C18-9DAE-A5828BA7DC3D"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D790D3B1-14A3-48D7-BA84-596D00F0793F"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A10C11CC-2C96-4CF0-BC66-7C5A9425A20A"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6718CB4-3D73-4E4F-B54C-EBF944D73352"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BE609BC8-D73F-4032-AA71-E5F64910A2B7"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "935C3F63-BF05-4D0C-8C0A-55A8E5AFF8E0"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5A293DE-E885-4BCA-9807-AFEFFE33AC41"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA74529E-7E6B-410C-96E0-6437C7D674C3"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C9EFF66-7D5E-4E2B-AA8C-B75E4EACF6CD"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F33CA6D5-3BE7-4385-B67D-D983DFD0CBC5"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "031729AF-F9E6-479D-90FE-FA7C1E33104F"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9F8B080-BF55-4B31-B122-6F3C64C75ADD"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:4.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DCAA7878-70CE-470C-8889-CB13A71FC2ED"
},
{
"criteria": "cpe:2.3:a:cloudera:cdh:5.0.0:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0293F82-7BA9-4608-96B7-CCED9A98313C"
}
],
"operator": "OR"
}
]
}
]