CVE-2021-28131

CWE-288CWE-532Log File Information ExposureCWE-287Improper Authentication3 documents3 sources
Severity
7.5HIGH
EPSS
0.3%
top 44.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apache ImpalaApache Software Foundation Apache Impala
Timeline
PublishedJul 22
Latest updateMay 24

Description

Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another user. However, these secrets appear in the Impala logs, therefore Impala users with access to the logs can use another authenticated user's sessions with specially constructed requests. This means the attacker is able to execute statements for which they don't have the necessary privileges otherwise. Impala deployments with Apache Sentry or Apache Ranger authorization enabled may be vulnerable to pri

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages2 packages

NVDapache/impala< 4.0.0
CVEListV5apache_software_foundation/apache_impalaApache Impala3.4.0

🔴Vulnerability Details

2
GHSA
GHSA-h765-v877-jmq3: Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another user2022-05-24
CVEList
Impala logs contain secrets2021-07-22