CVE-2014-0228

CVSS v2.0 3.5 (Low)

EPSS 0.06 % (26^th)

Affected Products 1

Advisories 1

Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows remote authenticated users to obtain sensitive information via a crafted URI.

Weaknesses

CWE-284: Improper Access Control

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2014-11-16 17:59:00
(9 years ago)
Updated Date: 2023-11-07 02:18:16
(10 months ago)

Affected Products

Apache

Hive

Configuration #1

		CPE23	From	Up To
	Apache Hive 0.13.0 and prior versions	cpe:2.3:a:apache:hive		<= 0.13.0