CVE-2014-3627
CVE-2014-3627 is a medium-severity vulnerability in Apache Hadoop with a CVSS 2.0 base score of 5.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-59.
Key facts
- Severity: Medium (CVSS 2.0 base score 5.0)
- EPSS exploit prediction: 3% (86th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-59
- Affected product: Apache Hadoop
- Published:
- Last modified:
Description
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Frequently asked questions
- What is CVE-2014-3627?
- The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
- How severe is CVE-2014-3627?
- CVE-2014-3627 has a CVSS 2.0 base score of 5.0, rated medium severity.
- Is CVE-2014-3627 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 3% (86th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2014-3627?
- CVE-2014-3627 primarily affects Apache Hadoop. In total, 26 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2014-3627?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2014-3627 published?
- CVE-2014-3627 was published on 2014-12-05 and last updated on 2026-06-17.
References
- http://mail-archives.apache.org/mod_mbox/hadoop-general/201411.mbox/%3CCALwhT97dOi04aC3VbekaB+zn2UAS_OZV2EAiP78GmjnMzfp2Ug%40mail.gmail.com%3E
- http://secunia.com/advisories/60079
- http://secunia.com/advisories/60432
Affected products (26)
- cpe:2.3:a:apache:hadoop:0.23.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:0.23.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:0.23.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:0.23.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:0.23.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:0.23.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:0.23.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:0.23.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:0.23.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:0.23.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:0.23.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.0.3:alpha:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.0.4:alpha:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.0.5:alpha:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.0.6:alpha:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.1.0:beta:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.1.1:beta:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:hadoop:2.5.1:*:*:*:*:*:*:*
More vulnerabilities in Apache Hadoop
- CVE-2022-25168 — Critical (CVSS 9.8): Apache Hadoop's FileUtil.unTar(File, File) API does not escape the input file name before being passed to the shell. An…
- CVE-2021-37404 — Critical (CVSS 9.8): There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user…
- CVE-2022-26612 — Critical (CVSS 9.8): In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and…
- CVE-2019-17195 — Critical (CVSS 9.8): Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in…
- CVE-2017-15718 — Critical (CVSS 9.8): The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store provider used by the…
- CVE-2012-4449 — Critical (CVSS 9.8): Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when…
All CVEs affecting Apache Hadoop →
Other CWE-59 (Improper Link Resolution Before File Access (Link Following)) vulnerabilities
- CVE-2024-37143 — Critical (CVSS 10.0): Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM…
- CVE-2024-28189 — Critical (CVSS 10.0): Judge0 is an open-source online code execution system. The application uses the UNIX chown command on an untrusted file…
- CVE-2024-28185 — Critical (CVSS 10.0): Judge0 is an open-source online code execution system. The application does not account for symlinks placed inside the…
- CVE-2022-22995 — Critical (CVSS 10.0): The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of…
- CVE-2014-4480 — Critical (CVSS 10.0): Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple TV before 7.0.3 allows…
- CVE-2002-2374 — Critical (CVSS 10.0): Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use…
Browse all CWE-59 (Improper Link Resolution Before File Access (Link Following)) vulnerabilities →