GHSA-p8xr-4v2c-rvgp
Suggest an improvement- Source
- https://github.com/advisories/GHSA-p8xr-4v2c-rvgp
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-p8xr-4v2c-rvgp/GHSA-p8xr-4v2c-rvgp.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-p8xr-4v2c-rvgp
- Aliases
-
- CVE-2015-1836
- Published
- 2018-10-18T18:04:50Z
- Modified
- 2023-11-08T03:57:50.996364Z
- Severity
-
- 7.3 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
- Summary
- High severity vulnerability that affects org.apache.hbase:hbase
- Details
-
Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote attackers to cause a denial of service (daemon outage), obtain sensitive information, or modify data via unspecified client traffic.
- Database specific
{ "nvd_published_at": null, "github_reviewed_at": "2020-06-16T21:48:39Z", "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-284" ] }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2015-1836
- https://github.com/advisories/GHSA-p8xr-4v2c-rvgp
- https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html
- http://mail-archives.apache.org/mod_mbox/www-announce/201505.mbox/%3CCA+RK=_CFiTfQ2d0V+kuJx_y5izmYccaKjXaJ3V72KK7tbOhbkg@mail.gmail.com%3E
- http://www-01.ibm.com/support/docview.wss?uid=swg21969546
- http://www.securitytracker.com/id/1034365
Affected packages
Maven / org.apache.hbase:hbase
Package
- Name
- org.apache.hbase:hbase
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.hbase/hbase
Affected versions
0.*
0.98.0-hadoop1
0.98.0-hadoop2
0.98.1-hadoop1
0.98.1-hadoop2
0.98.2-hadoop1
0.98.2-hadoop2
0.98.3-hadoop1
0.98.3-hadoop2
0.98.4-hadoop1
0.98.4-hadoop2
0.98.5-hadoop1
0.98.5-hadoop2
0.98.6-hadoop1
0.98.6-hadoop2
0.98.6.1-hadoop1
0.98.6.1-hadoop2
0.98.7-hadoop1
0.98.7-hadoop2
0.98.8-hadoop1
0.98.8-hadoop2
0.98.9-hadoop1
0.98.9-hadoop2
0.98.10-hadoop1
0.98.10-hadoop2
0.98.10.1-hadoop1
0.98.10.1-hadoop2
0.98.11-hadoop1
0.98.11-hadoop2
0.98.12-hadoop1
0.98.12-hadoop2
Maven / org.apache.hbase:hbase
Package
- Name
- org.apache.hbase:hbase
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.hbase/hbase
Maven / org.apache.hbase:hbase
Package
- Name
- org.apache.hbase:hbase
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.hbase/hbase