Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Apache Hive infrastructures vulnerable to authentication flaw in HiveServer2

Apache Hive infrastructures vulnerable to authentication flaw in HiveServer2

2015/05/22

Softpedia - (International) Apache reported that a vulnerability in all versions of its HiveServer2 interface for Apache Hive enterprise data warehouse infrastructure in which users without proper credentials could gain access by exploiting a flaw in the Lightweight Directory Access Protocol (LDAP) authentication mode. The company recommended that users update to the newest version or disable unauthenticated binds in the LDAP service.

Source: http://news.softpedia.com/news/Apache-Hive-Infrastructures-Vulnerable-to-Authentication-Flaw-in-HiveServer2-482001.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:21