CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1282
https://notcve.org/view.php?id=CVE-2018-1282
This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation. Esta vulnerabilidad en el controlador JDBC de Apache Hive, de la versión 0.7.1 a la 2.3.2, permite que los argumentos cuidadosamente manipulados se empleen para omitir el escape/limpieza de argumentos que el controlador JDBC realiza en la implementación PreparedStatement. • http://www.securityfocus.com/bid/103751 https://exchange.xforce.ibmcloud.com/vulnerabilities/141253 https://lists.apache.org/thread.html/74bd2bff1827febb348dfb323986fa340d3bb97a315ab93c3ccc8299%40%3Cdev.hive.apache.org%3E • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1284
https://notcve.org/view.php?id=CVE-2018-1284
In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs (xpath/xpath_string/xpath_boolean/xpath_number/xpath_double/xpath_float/xpath_long/xpath_int/xpath_short) to expose the content of a file on the machine running HiveServer2 owned by HiveServer2 user (usually hive) if hive.server2.enable.doAs=false. En Apache Hive, de la versión 0.6.0 a la 2.3.2, un usuario malicioso podría emplear cualquier UDF xpath (xpath/xpath_string/xpath_boolean/xpath_number/xpath_double/xpath_float/xpath_long/xpath_int/xpath_short) para exponer el contenido de un archivo en la máquina que ejecuta HiveServer2, propiedad de un usuario HiveServer2 (normalmente hive) si hive.server2.enable.doAs=false. • http://www.securityfocus.com/bid/103750 https://lists.apache.org/thread.html/29184dbce4a37be2af36e539ecb479b1d27868f73ccfdff46c7174b4%40%3Cdev.hive.apache.org%3E • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2016-3083
https://notcve.org/view.php?id=CVE-2016-3083
Apache Hive (JDBC + HiveServer2) implements SSL for plain TCP and HTTP connections (it supports both transport modes). While validating the server's certificate during the connection setup, the client in Apache Hive before 1.2.2 and 2.0.x before 2.0.1 doesn't seem to be verifying the common name attribute of the certificate. In this way, if a JDBC client sends an SSL request to server abc.com, and the server responds with a valid certificate (certified by CA) but issued to xyz.com, the client will accept that as a valid certificate and the SSL handshake will go through. Apache Hive (JDBC + HiveServer2) implementa SSL para conexiones planas TCP y HTTP (soporta ambos modos de transporte). Mientras se comprueba el certificado del servidor durante la configuración de la conexión, el cliente Apache Hive anterior a versión 1.2.2 y versiones 2.0.x anteriores a 2.0.1, no parece estar comprobando el atributo de nombre común del certificado. • http://www.securityfocus.com/bid/98669 https://lists.apache.org/thread.html/0851bcf85635385f94cdaa008053802d92b4aab0a3075e30ed171192%40%3Cdev.hive.apache.org%3E • CWE-295: Improper Certificate Validation •
CVSS: 8.3EPSS: 0%CPEs: 5EXPL: 0CVE-2015-7521
https://notcve.org/view.php?id=CVE-2015-7521
The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 and 1.2.1, on clusters protected by Ranger and SqlStdHiveAuthorization, allows attackers to bypass intended parent table access restrictions via unspecified partition-level operations. El marco de autorización en Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 y 1.2.1 en clusters protegidos por Ranger y SqlStdHiveAuthorization, permite a atacantes eludir las restricciones de acceso de tabla padre previstas a través de operaciones a nivel partición no especificadas. • http://mail-archives.apache.org/mod_mbox/hive-user/201601.mbox/%3C20160128205008.2154F185EB%40minotaur.apache.org%3E http://packetstormsecurity.com/files/135836/Apache-Hive-Authorization-Bypass.html http://www.openwall.com/lists/oss-security/2016/01/28/12 http://www.securityfocus.com/archive/1/537549/100/0/threaded • CWE-287: Improper Authentication •