CVE-2017-12625

Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for masked columns.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:hive:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:hive:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:hive:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:hive:2.3.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-11-01 13:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-12625

Mitre link : CVE-2017-12625

CVE.ORG link : CVE-2017-12625


JSON object : View

Products Affected

apache

  • hive
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor