7.5

CVSS Score

3.0

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2017-7669

CVE-2017-7669: Apache Hadoop's LinuxContainerExecutor runs docker commands as root with insufficient input validation

In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enabled, authenticated users can run commands as root. This issue is fixed in versions 2.8.1 and 3.0.0-alpha3.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2017-7669

CVE-2017-7669:

7.5

CVSS Score

3.0

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.hadoop:hadoop-common	maven	< 2.8.1	2.8.1
org.apache.hadoop:hadoop-common	maven	>= 3.0.0-alpha1, < 3.0.0-alpha3	3.0.0-alpha3

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability centers around the LinuxContainerExecutor's handling of docker commands. From the advisory details:

The core issue is insufficient input validation when constructing/running docker commands as root
The LinuxContainerExecutor is specifically named as the vulnerable component
The CWE-20 classification indicates improper input validation in command construction

Key functions would be those responsible for:

Building the docker command line arguments (buildDockerCommand)
Executing privileged operations (execute)

These functions would appear in runtime profiles during exploitation as they directly handle user input and execute docker commands. The high confidence comes from the explicit component mention in advisories and the nature of privilege escalation through command injection vulnerabilities.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

7.5

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2017-7669: Apache Hadoop's LinuxContainerExecutor runs docker commands as root with insufficient input validation

CVE-2017-7669:

7.5

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

7.5

7.5

Basic Information

Basic Information

Technical Details

CVE-2017-7669: Apache Hadoop's LinuxContainerExecutor runs docker commands as root with insufficient input validation

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI