6.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-15713

GHSA ID

GHSA-3v44-382q-55f4

EPSS Score

0.70622%

CWE

CWE-200

Published

12/21/2018

Updated

1/9/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2017-15713

CVE-2017-15713:
Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main

Vulnerability in Apache Hadoop 0.23.x, 2.x before 2.7.5, 2.8.x before 2.8.3, and 3.0.0-alpha through 3.0.0-beta1 allows a cluster user to expose private files owned by the user running the MapReduce job history server process. The malicious user can construct a configuration file containing XML directives that reference sensitive files on the MapReduce job history server host.

(GitHub Advisory)

6.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-15713

GHSA ID

GHSA-3v44-382q-55f4

EPSS Score

0.70622%

CWE

CWE-200

Published

12/21/2018

Updated

1/9/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.hadoop:hadoop-main	maven	< 2.7.5	2.7.5
org.apache.hadoop:hadoop-main	maven	>= 2.8.0, < 2.8.3	2.8.3

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability centers on insecure XML parsing in job history processing. The primary vulnerable function is JobConf.loadResource which handles XML configuration loading. This function would appear in stack traces when processing malicious job configs. The parseHistoryTimelineEvent is involved in processing historical job data and would handle attacker-supplied XML payloads. Both functions would show XML parsing activity without security features (like disallowing DTDs) in vulnerable versions. The high confidence for JobConf.loadResource aligns with typical XXE vulnerability patterns in configuration parsing, while the history server component gets medium confidence based on attack vector description.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Vuln*r**ility in *p**** ***oop *.**.x, *.x ***or* *.*.*, *.*.x ***or* *.*.*, *n* *.*.*-*lp** t*rou** *.*.*-**t** *llows * *lust*r us*r to *xpos* priv*t* *il*s own** *y t** us*r runnin* t** M*pR**u** jo* *istory s*rv*r pro**ss. T** m*li*ious us*r **n

Reasoning

T** vuln*r**ility **nt*rs on ins**ur* XML p*rsin* in jo* *istory pro**ssin*. T** prim*ry vuln*r**l* *un*tion is `Jo**on*.lo**R*sour**` w*i** **n*l*s XML *on*i*ur*tion lo**in*. T*is *un*tion woul* *pp**r in st**k tr***s w**n pro**ssin* m*li*ious jo* *

6.5

Basic Information

Concerned about an active attack path?

CVE-2017-15713: Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main

6.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2017-15713:
Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main

Vulnerability Intelligence
Miggo AI