Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2017-3166

In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YARN's localization mechanism, that file will be stored in a world-readable location and can be shared freely with any application that requests to localize that file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.1%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
Products affected by CVE-2017-3166
  • Apache » Hadoop » Version: 2.6.1
    cpe:2.3:a:apache:hadoop:2.6.1
  • Apache » Hadoop » Version: 2.6.2
    cpe:2.3:a:apache:hadoop:2.6.2
  • Apache » Hadoop » Version: 2.6.3
    cpe:2.3:a:apache:hadoop:2.6.3
  • Apache » Hadoop » Version: 2.6.4
    cpe:2.3:a:apache:hadoop:2.6.4
  • Apache » Hadoop » Version: 2.6.5
    cpe:2.3:a:apache:hadoop:2.6.5
  • Apache » Hadoop » Version: 2.7.0
    cpe:2.3:a:apache:hadoop:2.7.0
  • Apache » Hadoop » Version: 2.7.1
    cpe:2.3:a:apache:hadoop:2.7.1
  • Apache » Hadoop » Version: 2.7.2
    cpe:2.3:a:apache:hadoop:2.7.2
  • Apache » Hadoop » Version: 2.7.3
    cpe:2.3:a:apache:hadoop:2.7.3
  • Apache » Hadoop » Version: 3.0.0
    cpe:2.3:a:apache:hadoop:3.0.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved