PT-2016-3773 · Apache · Hadoop Connector

Published

2016-01-02

Updated

2016-01-07

CVE-2015-7430

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Hadoop connector versions 1.1.1, 2.4, 2.5, and 2.7.0-0 through 2.7.0-2

Description The issue allows local users to read or write to arbitrary GPFS data via unspecified vectors.

Recommendations For version 1.1.1, update to a version after 2.7.0-2. For version 2.4, update to a version after 2.7.0-2. For version 2.5, update to a version after 2.7.0-2. For versions 2.7.0-0 through 2.7.0-2, update to version 2.7.0-3 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2015-7430

Affected Products

Hadoop Connector

PT-2016-3773 · Apache · Hadoop Connector

CVE-2015-7430

Weakness Enumeration

Related Identifiers

Affected Products

References · 2