漏洞类别:Local
漏洞等级: 
漏洞信息
Apache Hadoop is an open-source software framework used for distributed storage and processing of very large data sets.
A design error vulnerability has been identified in Hadoop. Specifically, the error occurs due to improper handling of the HDFS NameNode user.
Affected version
Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3
漏洞危害
On successful exploitation it allows a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service.
解决方案
Upgrade to Apache Hadoop 2.6.5, 2.7.3 or later
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论