cvedb.io
CVE-2018-15804
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2018-08-23T18:29:00.373 · Last modified 2026-06-17T01:43:07.830

Summary

An issue was discovered in the MapR File System in MapR Converged Data Platform and MapR-XD 6.x and earlier. Under certain conditions, it is possible for MapR ticket credentials to become compromised, allowing a user to escalate their privileges to act as (aka impersonate) any other user, including cluster administrators, aka bug# 31935. This affects all users who have enabled security on the MapR platform and is fixed in mapr-patch-5.2.1.42646.GA-20180731093831, mapr-patch-5.2.2.44680.GA-20180802011430, mapr-patch-6.0.0.20171109191718.GA-20180802011420, and mapr-patch-6.0.1.20180404222005.GA-20180806214919.

Affected products

mapr — mapr

Does this affect you?

Add your gear to cvedb and we'll alert you only when mapr ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.