Risk | Low |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2018-1314 CVE-2018-11777 |
CWE-ID | CWE-264 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Apache Hive Server applications / Database software |
Vendor | Apache Foundation |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU15781
Risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1314
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to bypass security restrictions on the target system.
The vulnerability exists due to improper security restrictions when the EXPLAIN operation is used. A remote authenticated attacker can use the EXPLAIN operation in a query, bypass security restrictions, access or modify any file and conduct further attacks.
MitigationThe vulnerability has been fixed in the versions 2.3.4, 3.1.1.
Vulnerable software versionsApache Hive: 2.3.0 - 3.1.0
External linkshttp://github.com/pyca/pyopenssl/pull/723
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15782
Risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-11777
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to bypass security restrictions on the target system.
The vulnerability exists due to improper security restrictions on local resources on HiveServer2 servers. A remote authenticated attacker can bypass security restrictions, access or modify any file if the Ranger, Sentry or SQL Standard authorizers are not in use and conduct further attacks.
MitigationThe vulnerability has been fixed in the versions 2.3.4, 3.1.1.
Vulnerable software versionsApache Hive: 2.3.0 - 3.1.0
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.