CVE-2012-4449
CVSS v3.0
9.8 (Critical)
CVSS v2.0
7.5 (High)
EPSS
0.16 % (53th)
Affected Products
1
Advisories
1
Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easier for context-dependent attackers to crack secret keys via a brute-force attack.
Weaknesses
- CWE-327
- Use of a Broken or Risky Cryptographic Algorithm
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2017-10-30 19:29:00
(6 years ago) - Updated Date
-
2023-11-07 02:11:52
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...