Vulnerability Name: CVE-2018-1284 (CCN-141254)

Assigned: 2017-12-07
Published: 2018-04-04
Updated: 2018-05-15
Summary: In Apache Hive 0.6.0 to 2.3.2, a malicious user might use any of the xpath UDFs (xpath/xpath_string/xpath_boolean/xpath_number/xpath_double/xpath_float/xpath_long/xpath_int/xpath_short) to expose the content of a file on the machine running HiveServer2, owned by the HiveServer2 user (usually hive), if hive.server2.enable.doAs=false.
CVSS v3 Severity: 3.7 Low (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
3.2 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): None
Availability (A): None
4.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
3.8 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): Low
Availability (A): None
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Type: CWE-200
Vulnerability Consequences: Bypass Security
References:
Source: MITRE
Type: CNA
CVE-2018-1284

Source: CCN
Type: Apache Mailing List, Wed, 04 Apr 2018 22:06:09 GMT
Hive UDF series UDFXPathXXXX allow users to pass carefully crafted XML to access arbitrary files

Source: CCN
Type: oss-sec Mailing List, Wed, 4 Apr 2018 15:06:09 -0700
CVE-2018-1284: Hive UDF series UDFXPathXXXX allow users to pass carefully crafted XML to access arbitrary files

Source: BID
Type: Third Party Advisory, VDB Entry
103750

Source: CCN
Type: BID-103750
Apache Hive CVE-2018-1284 Security Bypass Vulnerability

Source: XF
Type: UNKNOWN
apache-hive-cve20181284-sec-bypass(141254)

Source: CCN
Type: Apache Hive Web site
Apache Hive

Source: MLIST
Type: Mailing List, Mitigation, Vendor Advisory
[dev] 20180404 [SECURITY] CVE-2018-1284: Hive UDF series UDFXPathXXXX allow users to pass carefully crafted XML to access

Source: CCN
Type: IBM Security Bulletin 737059 (Security Guardium)
IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerability

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:apache:hive:*:*:*:*:*:*:*:* (Version >= 0.6.0 and <= 2.3.2)

Configuration CCN 1:
  • cpe:/a:apache:hive:2.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:hive:2.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:hive:2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:hive:0.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:hive:0.6.0:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:security_guardium:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:10.5:*:*:*:*:*:*:*

* Denotes that component is vulnerable