CVE-2014-3627

{"id": "CVE-2014-3627", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-12-05T16:59:04.127", "references": [{"url": "http://mail-archives.apache.org/mod_mbox/hadoop-general/201411.mbox/%3CCALwhT97dOi04aC3VbekaB+zn2UAS_OZV2EAiP78GmjnMzfp2Ug%40mail.gmail.com%3E", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/60079", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/60432", "source": "secalert@redhat.com"}, {"url": "http://mail-archives.apache.org/mod_mbox/hadoop-general/201411.mbox/%3CCALwhT97dOi04aC3VbekaB+zn2UAS_OZV2EAiP78GmjnMzfp2Ug%40mail.gmail.com%3E", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/60079", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/60432", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-59"}]}], "descriptions": [{"lang": "en", "value": "The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache."}, {"lang": "es", "value": "El demonio YARN NodeManager en Apache Hadoop 0.23.0 hasta 0.23.11 y 2.x anterior a 2.5.2, cuando utiliza la autenticaci\u00f3n Kerberos, permite a usuarios remotos de cl\u00faster cambiar los permisos de ciertos ficheros a de lectura universal a trav\u00e9s de un ataque de enlace simb\u00f3lico en un archivo tar p\u00fablico, lo que no se maneja correctamente durante la localizaci\u00f3n, relacionado con un cach\u00e9 distribuido."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:hadoop:0.23.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "029481B4-F0BC-4C44-B5DB-4AE66AE92334"}, {"criteria": "cpe:2.3:a:apache:hadoop:0.23.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "501DBE03-139A-46E9-BFD5-B7D8245AD2C7"}, {"criteria": "cpe:2.3:a:apache:hadoop:0.23.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD95328D-ED9A-4889-96E7-C7B3041745FB"}, {"criteria": "cpe:2.3:a:apache:hadoop:0.23.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65899B21-D364-4E6D-8E82-1D408BA4E2A6"}, {"criteria": "cpe:2.3:a:apache:hadoop:0.23.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5512B2DD-5136-4215-899C-FB48AFA8A2CC"}, {"criteria": "cpe:2.3:a:apache:hadoop:0.23.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68A3493C-3D69-46A9-920A-8BB44B090609"}, {"criteria": "cpe:2.3:a:apache:hadoop:0.23.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74588026-F427-4E31-89FA-FFCE5B2EC108"}, {"criteria": "cpe:2.3:a:apache:hadoop:0.23.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FD4F0BA-614B-47A9-B916-DD1400FCE532"}, {"criteria": "cpe:2.3:a:apache:hadoop:0.23.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D8C1670-EFEF-409B-B985-5815B6791B24"}, {"criteria": "cpe:2.3:a:apache:hadoop:0.23.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF986316-0FB8-4AF9-B372-4FC53C957D8D"}, {"criteria": "cpe:2.3:a:apache:hadoop:0.23.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F59390C3-1517-4908-A10E-02C7FEAA91B5"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "227941BD-D769-45AD-9D61-7FCA3C2264FA"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18BF490A-0865-47C0-A143-0991B40BD259"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E091799F-203D-4C52-839E-E798770C0287"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.0.3:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E53689-C56C-4104-B510-CB4116B898CB"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.0.4:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "591921C3-F7EA-402E-9C36-2EADF0417C72"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.0.5:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FA774A9-81B3-4303-B254-C802B4DC8004"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.0.6:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "877CAAE8-5E57-4D0D-A8EB-8CA696D0CE3F"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.1.0:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25DB127F-4293-4847-A8C4-C7F6B74762EE"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.1.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8AE3E25-0726-4039-A3A8-B53F7CF0E638"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC9B08F2-CF75-4875-BDE1-D5D9CC7BF7E8"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11B47B33-C54B-47F7-8AB7-90A589EED6F9"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "377E3DCD-CEB7-400B-BD78-A4C1EE98E4E5"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8D53754-B3A3-421D-89C2-52F75C103254"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DE3F6F1-C352-4512-BD93-C544C2A77314"}, {"criteria": "cpe:2.3:a:apache:hadoop:2.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF70A398-852D-47CD-A786-DE983FD319D5"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}