CVE-2018-11767
published 2019-03-21CVE-2018-11767: In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default…
high7.4CVSS 3.0
AVNACHPRNUINSUCHINAH
In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | hadoop | — | — |
| apache | hadoop | 2.7.5 – 2.7.6 | — |
| apache | hadoop | 2.8.3 – 2.8.4 | — |
| apache | hadoop | 2.9.0 – 2.9.1 | — |