Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2012-1574

The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.

  • Published: Apr 12, 2012
  • Updated: Apr 13, 2023
  • CVE: CVE-2012-1574
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

Software From Fixed in
apache / hadoop 0.20.205.0 0.20.205.0.x
apache / hadoop 0.20.203.0 0.20.203.0.x
apache / hadoop 0.20.204.0 0.20.204.0.x
apache / hadoop 1.0.0 1.0.0.x
apache / hadoop 0.23.0 0.23.0.x
apache / hadoop 1.0.1 1.0.1.x
apache / hadoop 0.23.1 0.23.1.x
cloudera / cloudera_cdh cdh3 cdh3.x
cloudera / cloudera_cdh cdh3-1 cdh3-1.x
cloudera / hadoop 0.20-sbin 0.20-sbin.x
cloudera / cloudera_cdh cdh3-2 cdh3-2.x
cloudera / hadoop 0.20.2+923 0.20.2+923.x
cloudera / hadoop 0.20.1+169 0.20.1+169.x