CVE-2017-7669

Name of the Vulnerable Software and Affected Versions Apache Hadoop versions 2.8.0 through 2.8.0 Apache Hadoop versions 3.0.0-alpha1 through 3.0.0-alpha2

Description The issue in Apache Hadoop is related to insufficient input validation, allowing authenticated users to run commands as root when the docker feature is enabled. This can be exploited by a remote attacker to execute commands with root privileges.

Recommendations For Apache Hadoop version 2.8.0, update to version 2.8.1 to resolve the issue. For Apache Hadoop versions 3.0.0-alpha1 and 3.0.0-alpha2, update to version 3.0.0-alpha3 to resolve the issue. As a temporary workaround, consider disabling the docker feature to minimize the risk of exploitation.