Vulnerabilities

CVE-2018-11765

by Fred · 30/09/2020

In Apache Hadoop versions 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, 2.8.0 to 2.8.5, any users can access some servlets without authentication when Kerberos authentication is enabled and SPNEGO through HTTP is not enabled.

Date published : 2020-09-30

https://security.netapp.com/advisory/ntap-20201016-0005/

https://lists.apache.org/thread.html/r2c7f899911a04164ed1707083fcd4135f8427e04778c87d83509b0da%40%3Cgeneral.hadoop.apache.org%3E

Similar

Tags: Cybersecurity Alert