← back
CVE-2017-12625

CVE-2017-12625

EPSS 1.4%
Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for masked columns.
Affected products
Apache Software Foundation · Apache Hive

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://mail-archives.apache.org/mod_mbox/hive-user/201710.mbox/%3C3791103E-80D5-4E75-AF23-6F8ED54DDEBE%40apache.org%3Ehttp://www.securityfocus.com/bid/101686