CVE-2018-11764

Web endpoint authentication check is broken in Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0. Authenticated users may impersonate any user even if no proxy user is configured.

View Full Alert

Related Posts

  • CVE-2018-17792

    MDaemon Webmail (formerly WorldClient) has CSRF. View Full Alert

  • CVE-2018-14919

    LOYTEC LGATE-902 6.3.2 devices allow XSS. View Full Alert

  • CVE-2018-14918

    LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal. View Full Alert