Security Advisory

CVE-2015-1772

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-12-21 11:00:00

Last updated 2024-08-06 04:54:16

Assigner redhat

State PUBLISHED

Description

The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, mishandles simple unauthenticated and anonymous bind configurations, which allows remote attackers to bypass authentication via a crafted LDAP request.

← Browse all CVEs View on cve.org ↗