CVE-2017-12625

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-12625
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12625.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-12625
Aliases
Published
2017-11-01T13:29:00Z
Modified
2024-09-03T01:41:53.110503Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for masked columns.

References

Affected packages

Git / github.com/apache/hive

Affected ranges

Type
GIT
Repo
https://github.com/apache/hive
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected
Last affected
Last affected

Affected versions

rel/release-2.*

rel/release-2.1.0
rel/release-2.1.1

rel/storage-release-2.*

rel/storage-release-2.2.0