CVE-2024-23454

Apache Hadoop’s RunJar.run() does not set permissions for temporary directory by default. If sensitive data will be present in this file, all the other local users may be able to view the content. This is because, on unix-like systems, the system temporary directory is shared between all local users. As such, files written in this directory, without setting the correct posix permissions explicitly, may be viewable by all other local users.

CVSS v3 6.2 MEDIUM

6.2^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://issues.apache.org/jira/browse/HADOOP-19031	Patch Vendor Advisory
https://lists.apache.org/thread/xlo7q8kn4tsjvx059r789oz19hzgfkfs	Mailing List Vendor Advisory
http://www.openwall.com/lists/oss-security/2024/09/25/1	Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20241101-0002/	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-09-25 08:15

Updated : 2025-11-13 14:14

NVD link : CVE-2024-23454

Mitre link : CVE-2024-23454

CVE.ORG link : CVE-2024-23454

JSON object : View

Products Affected

apache

hadoop

CWE

CWE-378

Creation of Temporary File With Insecure Permissions

{"id": "CVE-2024-23454", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.5}]}, "published": "2024-09-25T08:15:04.317", "references": [{"url": "https://issues.apache.org/jira/browse/HADOOP-19031", "tags": ["Patch", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://lists.apache.org/thread/xlo7q8kn4tsjvx059r789oz19hzgfkfs", "tags": ["Mailing List", "Vendor Advisory"], "source": "[email protected]"}, {"url": "http://www.openwall.com/lists/oss-security/2024/09/25/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.netapp.com/advisory/ntap-20241101-0002/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-378"}]}], "descriptions": [{"lang": "en", "value": "Apache Hadoop\u2019s RunJar.run()\u00a0does not set permissions for temporary directory\u00a0by default. If sensitive data will be present in this file, all the other local users may be able to view the content.\nThis is because, on unix-like systems, the system temporary directory is\nshared between all local users. As such, files written in this directory,\nwithout setting the correct posix permissions explicitly, may be viewable\nby all other local users."}, {"lang": "es", "value": "RunJar.run() de Apache Hadoop no establece permisos para el directorio temporal de forma predeterminada. Si en este archivo se encuentran datos confidenciales, todos los dem\u00e1s usuarios locales podr\u00e1n ver el contenido. Esto se debe a que, en sistemas tipo Unix, el directorio temporal del sistema se comparte entre todos los usuarios locales. Por lo tanto, los archivos escritos en este directorio, sin establecer expl\u00edcitamente los permisos posix correctos, pueden ser visibles para todos los dem\u00e1s usuarios locales."}], "lastModified": "2025-11-13T14:14:48.893", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B563F47C-E267-44FF-B9D5-0E262602149E", "versionEndExcluding": "3.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}