Cloudera CDH 5.x through 5.15.1 Incorrect Default Permissions Vulnerability

Summary

Cloudera CDH 5.x through 5.15.1 suffers from incorrect default permissions vulnerability

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Credit:

The information has been provided by Cloudera

The original article can be found at:https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_vp4_q2x_thb

 


Details

Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1.

 

Vulnerable Systems:

Cloudera CDH 5.x through 5.15.1 

Cloudera CDH 6.x through 6.0.1.

 

CVE Information:

CVE-2018-17860

 

Disclosure Timeline:
Published Date: 11/26/2019