CVE-2016-5393

Summary

In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service.

Affected Software

VendorProductVersion RangeStatus
n/aApache HadoopApache Hadoop 2.6.x before 2.6.5, 2.7.x before 2.7.3affected

Weaknesses

  • arbitrary command execution

ADP Enrichment

CVE Program Container

Additional References

References