Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple incomplete blacklist vulnerabilities in Apache Sentry before 1.7.0 allow remote authenticated users to execute arbitrary code via the (1) reflect, (2) reflect2, or (3) java_method Hive builtin functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache Sentry 不完整的黑名单漏洞
Vulnerability Description
Apache Sentry是美国阿帕奇(Apache)软件基金会的一个用于Hadoop集群中的开源组件,它提供了基于角色的授权以及多租户的管理模式等功能。 Apache Sentry 1.7.0之前的版本中存在不完整的黑名单漏洞。远程攻击者可借助(1)reflect、(2)reflect2或(3)java_method Hive builtin函数利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A