Home

CVE-2017-12625

Description

Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for masked columns.

Risk Information

Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.468

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive-exec 2.1.2Windows
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive-exec 2.2.1Windows
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive-exec 2.3.1Windows
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive 2.1.2Windows
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive 2.2.1Windows
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive 2.3.1Windows
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive-service 2.1.2Windows
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive-service 2.2.1Windows
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive-service 2.3.1Windows
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive-exec for Linux 2.1.2Linux
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive-exec for Linux 2.2.1Linux
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive-exec for Linux 2.3.1Linux
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive for Linux 2.1.2Linux
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive for Linux 2.2.1Linux
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive for Linux 2.3.1Linux
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive-service for Linux 2.1.2Linux
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive-service for Linux 2.2.1Linux
Vulnerabilities CVE-2017-12625 are fixed in Apache-hive-service for Linux 2.3.1Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234