← voltar
CVE-2014-0228

CVE-2014-0228

EPSS 3.5%
Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows remote authenticated users to obtain sensitive information via a crafted URI.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://mail-archives.apache.org/mod_mbox/hive-user/201406.mbox/%3CCABgNGzeN7E+9d=YV5yvnKA7wmSx1op_avtUjPcPtDaR6DLJM6g%40mail.gmail.com%3Ehttp://packetstormsecurity.com/files/127091/Apache-Hive-0.13.0-Authorization-Failure.htmlhttp://www.securityfocus.com/archive/1/532418/100/0/threaded