Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-15804

EPSS 0.30% · P53
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-15804

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in the MapR File System in MapR Converged Data Platform and MapR-XD 6.x and earlier. Under certain conditions, it is possible for MapR ticket credentials to become compromised, allowing a user to escalate their privileges to act as (aka impersonate) any other user, including cluster administrators, aka bug# 31935. This affects all users who have enabled security on the MapR platform and is fixed in mapr-patch-5.2.1.42646.GA-20180731093831, mapr-patch-5.2.2.44680.GA-20180802011430, mapr-patch-6.0.0.20171109191718.GA-20180802011420, and mapr-patch-6.0.1.20180404222005.GA-20180806214919.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
MapR Converged Data Platform和MapR-XD MapR文件系统安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MapR Converged Data Platform和MapR-XD都是美国MapR Technologies公司的产品。MapR Converged Data Platform是一套用于支持大数据应用程序的融合数据平台。MapR-XD是一套分布式数据存储系统。 MapR Converged Data Platform和MapR-XD 6.x及之前版本中的MapR文件系统存在安全漏洞。攻击者可利用该漏洞提升权限,进而模拟任何其他用户,包括集群管理员。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2018-15804

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-15804

登录查看更多情报信息。

Same Patch Batch · n/a · 2018-08-23 · 18 CVEs total

CVE-2018-1159Mikrotik RouterOS 安全漏洞
CVE-2018-15685GitHub Electron 安全漏洞
CVE-2018-15748Dell 2335dn Printer Firmware、Engine Firmware和Network Firmware安全漏洞
CVE-2018-1999047CloudBees Jenkins 安全漏洞
CVE-2018-1999046CloudBees Jenkins 信息泄露漏洞
CVE-2018-1999045CloudBees Jenkins 授权问题漏洞
CVE-2018-1999044CloudBees Jenkins 安全漏洞
CVE-2018-1999043CloudBees Jenkins 安全漏洞
CVE-2018-1999042CloudBees Jenkins 安全漏洞
CVE-2018-15822FFmpeg 安全漏洞
CVE-2018-1158Mikrotik RouterOS 资源管理错误漏洞
CVE-2018-1157Mikrotik RouterOS 安全漏洞
CVE-2018-1156Mikrotik RouterOS 缓冲区错误漏洞
CVE-2003-1605Haxx curl 信息泄露漏洞
CVE-2018-15809AccuPOS 安全漏洞
CVE-2018-15808POSIM EVO for Windows 安全漏洞
CVE-2018-15807POSIM EVO for Windows 安全漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2018-15804

No comments yet

Leave a comment