CVE-2016-3086

Summary

The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Hadoop2.6.0 to 2.6.4affected
Apache Software FoundationApache Hadoop2.7.0 to 2.7.2affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References