Back to search
CVE-2017-12625
Published: Nov 1, 2017
Modified: Sep 16, 2024
PUBLISHED
Description
Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for masked columns.
| Vendor | Product | Versions |
|---|---|---|
Apache Software Foundation | Apache Hive | affected 2.1.x before 2.1.2affected 2.2.x before 2.2.1affected 2.3.0 |
References
[hive-user] 20171031 [CVE-2017-12625] Apache Hive information disclosure vulnerability for column masking
mailing-list
x_refsource_MLIST
101686
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now