CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

In Apache Hadoop 2.7.4 to 2.7.6, the security fix for CVE-2016-6811 is incomplete. A user who can escalate to yarn user can possibly run arbitrary commands as root user.

Product Status

Learn more

Versions 1 Total

Default Status: unknown

affected

References 2 Total

securityfocus.com: 106035
external site
vdb-entry
https://lists.apache.org/thread.html/ff37bbbe09d5f03090e2dd2c3dea95de16ef4249e731f19b8959ce4c%40%3Cgeneral.hadoop.apache.org%3E
external site

Updated: 2024-08-05

This container includes required additional information provided by the CVE Program for this vulnerability.

References 2 Total

securityfocus.com: 106035
external site
vdb-entryx_transferred
https://lists.apache.org/thread.html/ff37bbbe09d5f03090e2dd2c3dea95de16ef4249e731f19b8959ce4c%40%3Cgeneral.hadoop.apache.org%3E
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Apache Software Foundation

Description

Product Status

References 2 Total

CVE Program

References 2 Total