cve/2015/CVE-2015-1776.md

CVE-2015-1776

Description

Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduce job and stores it along with the encryption key in a credentials file on disk when the Intermediate data encryption feature is enabled, which allows local users to obtain sensitive information by reading the file.

POC

Reference

• http://www.securityfocus.com/bid/83259

Github

• https://github.com/ARPSyndicate/cvemon