PT-2018-11631 · Apache · Apache Hive

Danny Grander · Published 2018-04-05 · Updated 2019-10-03 · CVE-2018-1315

CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions: Apache Hive versions 2.1.0 through 2.3.2

Description: The issue arises when the 'COPY FROM FTP' statement is executed using the HPL/SQL extension to Hive. A malicious FTP server can cause a file to be written to an arbitrary location on the cluster, because the FTP client code in HPL/SQL does not verify the destination location of the downloaded file. This issue does not affect Hive CLI users or HiveServer2 users, as HPL/SQL is a separate command-line script invoked differently.

Recommendations: For Apache Hive versions 2.1.0 through 2.3.2, consider disabling the HPL/SQL extension until a patch is available to prevent potential exploitation. Restrict access to the 'COPY FROM FTP' statement to minimize the risk of arbitrary file writes on the cluster.
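The missing check described above, as an added defensive example that is not Hive's or HPL/SQL's own code: a destination-confinement function that maps a file name supplied by the remote FTP server onto a fixed download directory and refuses anything that would resolve outside it. The directory name and the sample server-supplied names are constructed for illustration; the assumption that relative sub-directories from the server should be preserved is mine.

```python
from __future__ import annotations

import posixpath

# Constructed for this example: the directory a COPY FROM FTP download is meant to land in.
DOWNLOAD_DIR = "/data/hive/ftp-downloads"


def confine_to_directory(base_dir: str, remote_name: str) -> str | None:
    """Map a file name received from a remote FTP server onto base_dir.

    Returns the local destination path, or None when the name would place the
    file outside base_dir (absolute path, '..' components, empty name).
    Relative sub-directories are allowed so the server's layout can be kept.
    """
    base = posixpath.normpath(base_dir)
    # Treat backslashes as separators too, so a Windows-style name cannot
    # slip past the POSIX path functions used below.
    rel = remote_name.replace("\\", "/")
    if "\0" in rel or posixpath.isabs(rel):
        return None
    candidate = posixpath.normpath(posixpath.join(base, rel))
    if candidate == base:
        return None  # "", "." or "sub/.." resolve to the directory itself
    # Containment check after normalisation: '..' segments are collapsed, so a
    # name that climbed out of base_dir no longer has base_dir as its prefix.
    # commonpath() compares whole components, so a sibling directory whose name
    # merely starts with base_dir is rejected as well.
    if posixpath.commonpath([base, candidate]) != base:
        return None
    return candidate


def plan_downloads(base_dir: str, remote_names: list[str]) -> tuple[dict[str, str], list[str]]:
    """Split a server listing into (accepted name -> local path, rejected names)."""
    accepted: dict[str, str] = {}
    rejected: list[str] = []
    for name in remote_names:
        dest = confine_to_directory(base_dir, name)
        if dest is None:
            rejected.append(name)
        else:
            accepted[name] = dest
    return accepted, rejected


if __name__ == "__main__":
    # Constructed listing of the kind a hostile server could return.
    listing = ["report.csv", "2018/q1/data.csv", "sub/./file.txt",
               "../../outside.txt", "dir/../../escape.txt", "/abs/path/file.txt", ""]
    ok, bad = plan_downloads(DOWNLOAD_DIR, listing)
    for name, dest in ok.items():
        print(f"accept {name!r} -> {dest}")
    for name in bad:
        print(f"reject {name!r}")
```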

Fix

Incorrect Permission


Weakness Enumeration

Related Identifiers

CVE-2018-1315
GHSA-P639-XXV5-J383

Affected Products

Apache Hive