Apache : Security Vulnerabilities, CVEs, Published In November 2014 (Gain Privilege)
Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows remote authenticated users to obtain sensitive information via a crafted URI.
Max CVSS
3.5
EPSS Score
0.06%
Published
2014-11-16
Updated
2018-10-09
1 vulnerabilities found