CVE-2018-1314
CVSS v3.0
4.3 (Medium)
CVSS v2.0
4 (Medium)
EPSS
0.06 % (28th)
Affected Products
1
Advisories
1
In Apache Hive 2.3.3, 3.1.0 and earlier, Hive "EXPLAIN" operation does not check for necessary authorization of involved entities in a query. An unauthorized user can do "EXPLAIN" on arbitrary table or view and expose table metadata and statistics.
Weaknesses
- CWE-862
- Missing Authorization
- CVE Status
- PUBLISHED
- CNA
- Apache Software Foundation
- Published Date
-
2018-11-08 14:29:00
(5 years ago) - Updated Date
-
2023-11-07 02:55:57
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...