{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-04T21:13:15.787","vulnerabilities":[{"cve":{"id":"CVE-2017-3162","sourceIdentifier":"security@apache.org","published":"2017-04-26T20:59:00.260","lastModified":"2026-05-13T00:24:29.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in Apache Hadoop before 2.7.0."},{"lang":"es","value":"Vulnerabilidad en HDFS de Hadoop en versiones anteriores a la 2.7.0, a través de la cual clientes de HDFS podrían interactuar con un servlet en el DataNode para poder explorar el espacio de nombres HDFS. El NameNode se proporcionaría como un parámetro de consulta que no estaría validado en las versiones mencionadas de Apache Hadoop."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":true,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*","versionEndIncluding":"2.6.5","matchCriteriaId":"8FD2F650-257B-49ED-80EE-DCF20088D3EB"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/98017","source":"security@apache.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b%40%3Cuser.hadoop.apache.org%3E","source":"security@apache.org"},{"url":"https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a%40%3Cuser.flink.apache.org%3E","source":"security@apache.org"},{"url":"https://s.apache.org/k2ss","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/98017","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b%40%3Cuser.hadoop.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a%40%3Cuser.flink.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://s.apache.org/k2ss","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}