Incorrect User Access Control in Apache Hadoop Versions 2.7.5 to 2.7.6, 2.8.3 to 2.8.4, and 2.9.0 to 2.9.1 with Non-Default Groups Mapping
CVE-2018-11767 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:P
In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms.
Learn more about our Cis Benchmark Audit For Apache Http Server.