Apache Hadoop CVE-2017-15718 Incomplete Fix Information Disclosure Vulnerability
BID:106653
Info
Apache Hadoop CVE-2017-15718 Incomplete Fix Information Disclosure Vulnerability
| Bugtraq ID: | 106653 |
| Class: | Design Error |
| CVE: |
CVE-2017-15718 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 24 2018 12:00AM |
| Updated: | Jan 24 2018 12:00AM |
| Credit: | Vinayakumar B |
| Vulnerable: |
Apache Hadoop 2.7.4 Apache Hadoop 2.7.3 |
| Not Vulnerable: |
Apache Hadoop 2.7.5 |
Discussion
Apache Hadoop CVE-2017-15718 Incomplete Fix Information Disclosure Vulnerability
Apache Hadoop is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks.
NOTE: This issue is the result of an incomplete fix for the issue described in BID 106058 (Apache Hadoop CVE-2016-3086 Information Disclosure Vulnerability).
Apache Hadoop is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks.
NOTE: This issue is the result of an incomplete fix for the issue described in BID 106058 (Apache Hadoop CVE-2016-3086 Information Disclosure Vulnerability).
Exploit / POC
Apache Hadoop CVE-2017-15718 Incomplete Fix Information Disclosure Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Apache Hadoop CVE-2017-15718 Incomplete Fix Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.