CVE-2018-11764

Web endpoint authentication check is broken in Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0. Authenticated users may impersonate any user even if no proxy user is configured.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:hadoop:3.0.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:3.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:3.0.0:-:*:*:*:*:*:*

Information

Published : 2020-10-21 12:15

Updated : 2022-06-03 11:57


NVD link : CVE-2018-11764

Mitre link : CVE-2018-11764


JSON object : View

CWE
CWE-306

Missing Authentication for Critical Function

Advertisement

dedicated server usa

Products Affected

apache

  • hadoop