8.8

CVSS Score

3.0

Basic Information

CVE ID

CVE-2016-6811

GHSA ID

GHSA-mf7c-35mq-75pj

EPSS Score

0.66568%

CWE

CWE-277

Published

5/14/2022

Updated

1/27/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2016-6811

CVE-2016-6811:
Insecure Inherited Permissions in Apache Hadoop

In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user.

(GitHub Advisory)

8.8

CVSS Score

3.0

Basic Information

CVE ID

CVE-2016-6811

GHSA ID

GHSA-mf7c-35mq-75pj

EPSS Score

0.66568%

CWE

CWE-277

Published

5/14/2022

Updated

1/27/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.hadoop:hadoop-common	maven	>= 2.0.0-alpha, <= 2.7.3	2.7.4

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

In *p**** ***oop *.x ***or* *.*.*, * us*r w*o **n *s**l*t* to y*rn us*r **n possi*ly run *r*itr*ry *omm*n*s *s root us*r.

Reasoning

No *n*lysis *v*il**l*

8.8

Basic Information

Concerned about an active attack path?

CVE-2016-6811: Insecure Inherited Permissions in Apache Hadoop

8.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

CVE-2016-6811:
Insecure Inherited Permissions in Apache Hadoop

Vulnerability Intelligence
Miggo AI