Cryptographic issues in Hadoop

Published: 2012-07-12 | Updated: 2020-08-11

Risk	Medium
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2012-3376
CWE-ID	CWE-310
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	Hadoop Server applications / Frameworks for developing and running applications
Vendor	Apache Foundation

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Cryptographic issues

EUVDB-ID: #VU43888

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2012-3376

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Hadoop: 2.0.0

CPE2.3

cpe:2.3:a:apache_foundation:hadoop:2.0.0:*:*:*:*:*:*:*

External links

https://archives.neohapsis.com/archives/bugtraq/2012-07/0049.html
https://www.securityfocus.com/bid/54358
https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.