CVE-2017-3162
published 2017-04-26CVE-2017-3162: HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in…
high7.3CVSS 3.0
AVNACLPRNUINSUCLILAL
HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in Apache Hadoop before 2.7.0.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | hadoop | <= 2.6.5 | — |
| apache_software_foundation | apache_hadoop | — | — |