cvelistv5 - cve-2022-41137

CVE-2022-41137 (GCVE-0-2022-41137)

Vulnerability from cvelistv5 – Published: 2024-12-05 10:01 – Updated: 2024-12-05 17:02

Summary

Apache Hive Metastore (HMS) uses SerializationUtilities#deserializeObjectWithTypeInformation method when filtering and fetching partitions that is unsafe and can lead to Remote Code Execution (RCE) since it allows the deserialization of arbitrary data. In real deployments, the vulnerability can be exploited only by authenticated users/clients that were able to successfully establish a connection to the Metastore. From an API perspective any code that calls the unsafe method may be vulnerable unless it performs additional prerechecks on the input arguments.

Severity ?

No CVSS data available.

CWE

CWE-502 - Deserialization of Untrusted Data

Assigner

apache

References

URL

Tags

	https://github.com/apache/hive	product
	https://issues.apache.org/jira/browse/HIVE-26539	issue-tracking
	https://github.com/apache/hive/commit/60027bb9c91…	patch
	https://lists.apache.org/thread/jwtr3d9yovf2wo0ql…	vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Hive	Affected: 4.0.0-alpha-1 , < 4.0.0 (semver)

Credits

Junjie Liao

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-12-05T10:03:34.734Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/12/04/2"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:hive:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "hive",
            "vendor": "apache",
            "versions": [
              {
                "lessThan": "4.0.0",
                "status": "affected",
                "version": "4.0.0-alpha-1",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.3,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "LOW",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-41137",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-05T17:00:40.730056Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-05T17:02:05.659Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.hive:hive-exec",
          "product": "Apache Hive",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "4.0.0",
              "status": "affected",
              "version": "4.0.0-alpha-1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Junjie Liao"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Apache Hive\u0026nbsp;Metastore (HMS) uses\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSerializationUtilities#deserializeObjectWithTypeInformation\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;method when filtering and fetching partitions that is unsafe and\u003c/span\u003e\u0026nbsp;can lead\u0026nbsp;to Remote Code Execution (RCE) since it allows the deserialization of arbitrary data.\u003cbr\u003e\u003cbr\u003eIn real deployments, the vulnerability can be exploited only by authenticated users/clients that were able to successfully establish\u0026nbsp;a connection to the Metastore. From an API perspective any code that calls the unsafe method may be vulnerable unless it performs additional prerechecks on the input arguments."
            }
          ],
          "value": "Apache Hive\u00a0Metastore (HMS) uses\u00a0SerializationUtilities#deserializeObjectWithTypeInformation\u00a0method when filtering and fetching partitions that is unsafe and\u00a0can lead\u00a0to Remote Code Execution (RCE) since it allows the deserialization of arbitrary data.\n\nIn real deployments, the vulnerability can be exploited only by authenticated users/clients that were able to successfully establish\u00a0a connection to the Metastore. From an API perspective any code that calls the unsafe method may be vulnerable unless it performs additional prerechecks on the input arguments."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502 Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-05T10:01:41.692Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/apache/hive"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://issues.apache.org/jira/browse/HIVE-26539"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/apache/hive/commit/60027bb9c91a93affcfebd9068f064bc1f2a74c9"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/jwtr3d9yovf2wo0qlxvkhoxnwxxyzgts"
        }
      ],
      "source": {
        "defect": [
          "HIVE-26539"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Apache Hive: Deserialization of untrusted data when fetching partitions from the Metastore",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2022-41137",
    "datePublished": "2024-12-05T10:01:41.692Z",
    "dateReserved": "2022-09-20T14:55:51.817Z",
    "dateUpdated": "2024-12-05T17:02:05.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Apache Hive\\u00a0Metastore (HMS) uses\\u00a0SerializationUtilities#deserializeObjectWithTypeInformation\\u00a0method when filtering and fetching partitions that is unsafe and\\u00a0can lead\\u00a0to Remote Code Execution (RCE) since it allows the deserialization of arbitrary data.\\n\\nIn real deployments, the vulnerability can be exploited only by authenticated users/clients that were able to successfully establish\\u00a0a connection to the Metastore. From an API perspective any code that calls the unsafe method may be vulnerable unless it performs additional prerechecks on the input arguments.\"}, {\"lang\": \"es\", \"value\": \"Apache Hive Metastore (HMS) utiliza el m\\u00e9todo SerializationUtilities#deserializeObjectWithTypeInformation al filtrar y obtener particiones, lo que no es seguro y puede provocar una ejecuci\\u00f3n de c\\u00f3digo remoto (RCE), ya que permite la deserializaci\\u00f3n de datos arbitrarios. En implementaciones reales, la vulnerabilidad solo puede ser explotada por usuarios o clientes autenticados que pudieron establecer una conexi\\u00f3n exitosa con Metastore. Desde una perspectiva de API, cualquier c\\u00f3digo que llame al m\\u00e9todo no seguro puede ser vulnerable a menos que realice comprobaciones previas adicionales en los argumentos de entrada.\"}]",
      "id": "CVE-2022-41137",
      "lastModified": "2024-12-05T17:15:07.033",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H\", \"baseScore\": 8.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.5}]}",
      "published": "2024-12-05T10:15:04.450",
      "references": "[{\"url\": \"https://github.com/apache/hive\", \"source\": \"security@apache.org\"}, {\"url\": \"https://github.com/apache/hive/commit/60027bb9c91a93affcfebd9068f064bc1f2a74c9\", \"source\": \"security@apache.org\"}, {\"url\": \"https://issues.apache.org/jira/browse/HIVE-26539\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread/jwtr3d9yovf2wo0qlxvkhoxnwxxyzgts\", \"source\": \"security@apache.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/12/04/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security@apache.org",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"security@apache.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-41137\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2024-12-05T10:15:04.450\",\"lastModified\":\"2025-07-15T16:34:07.850\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Hive\u00a0Metastore (HMS) uses\u00a0SerializationUtilities#deserializeObjectWithTypeInformation\u00a0method when filtering and fetching partitions that is unsafe and\u00a0can lead\u00a0to Remote Code Execution (RCE) since it allows the deserialization of arbitrary data.\\n\\nIn real deployments, the vulnerability can be exploited only by authenticated users/clients that were able to successfully establish\u00a0a connection to the Metastore. From an API perspective any code that calls the unsafe method may be vulnerable unless it performs additional prerechecks on the input arguments.\"},{\"lang\":\"es\",\"value\":\"Apache Hive Metastore (HMS) utiliza el m\u00e9todo SerializationUtilities#deserializeObjectWithTypeInformation al filtrar y obtener particiones, lo que no es seguro y puede provocar una ejecuci\u00f3n de c\u00f3digo remoto (RCE), ya que permite la deserializaci\u00f3n de datos arbitrarios. En implementaciones reales, la vulnerabilidad solo puede ser explotada por usuarios o clientes autenticados que pudieron establecer una conexi\u00f3n exitosa con Metastore. Desde una perspectiva de API, cualquier c\u00f3digo que llame al m\u00e9todo no seguro puede ser vulnerable a menos que realice comprobaciones previas adicionales en los argumentos de entrada.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.5}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:hive:4.0.0:alpha1:*:*:*:*:*:*\",\"matchCriteriaId\":\"76721527-FDE1-4313-A7BB-7324CEC18C08\"}]}]}],\"references\":[{\"url\":\"https://github.com/apache/hive\",\"source\":\"security@apache.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/apache/hive/commit/60027bb9c91a93affcfebd9068f064bc1f2a74c9\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://issues.apache.org/jira/browse/HIVE-26539\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread/jwtr3d9yovf2wo0qlxvkhoxnwxxyzgts\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/12/04/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2024/12/04/2\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-12-05T10:03:34.734Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-41137\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-05T17:00:40.730056Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:apache:hive:*:*:*:*:*:*:*:*\"], \"vendor\": \"apache\", \"product\": \"hive\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.0.0-alpha-1\", \"lessThan\": \"4.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-05T16:58:51.448Z\"}}], \"cna\": {\"title\": \"Apache Hive: Deserialization of untrusted data when fetching partitions from the Metastore\", \"source\": {\"defect\": [\"HIVE-26539\"], \"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Junjie Liao\"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"moderate\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Hive\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.0.0-alpha-1\", \"lessThan\": \"4.0.0\", \"versionType\": \"semver\"}], \"packageName\": \"org.apache.hive:hive-exec\", \"collectionURL\": \"https://repo.maven.apache.org/maven2\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/apache/hive\", \"tags\": [\"product\"]}, {\"url\": \"https://issues.apache.org/jira/browse/HIVE-26539\", \"tags\": [\"issue-tracking\"]}, {\"url\": \"https://github.com/apache/hive/commit/60027bb9c91a93affcfebd9068f064bc1f2a74c9\", \"tags\": [\"patch\"]}, {\"url\": \"https://lists.apache.org/thread/jwtr3d9yovf2wo0qlxvkhoxnwxxyzgts\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Apache Hive\\u00a0Metastore (HMS) uses\\u00a0SerializationUtilities#deserializeObjectWithTypeInformation\\u00a0method when filtering and fetching partitions that is unsafe and\\u00a0can lead\\u00a0to Remote Code Execution (RCE) since it allows the deserialization of arbitrary data.\\n\\nIn real deployments, the vulnerability can be exploited only by authenticated users/clients that were able to successfully establish\\u00a0a connection to the Metastore. From an API perspective any code that calls the unsafe method may be vulnerable unless it performs additional prerechecks on the input arguments.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Apache Hive\u0026nbsp;Metastore (HMS) uses\u0026nbsp;\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eSerializationUtilities#deserializeObjectWithTypeInformation\u003c/span\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u0026nbsp;method when filtering and fetching partitions that is unsafe and\u003c/span\u003e\u0026nbsp;can lead\u0026nbsp;to Remote Code Execution (RCE) since it allows the deserialization of arbitrary data.\u003cbr\u003e\u003cbr\u003eIn real deployments, the vulnerability can be exploited only by authenticated users/clients that were able to successfully establish\u0026nbsp;a connection to the Metastore. From an API perspective any code that calls the unsafe method may be vulnerable unless it performs additional prerechecks on the input arguments.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-502\", \"description\": \"CWE-502 Deserialization of Untrusted Data\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2024-12-05T10:01:41.692Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-41137\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-05T17:02:05.659Z\", \"dateReserved\": \"2022-09-20T14:55:51.817Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2024-12-05T10:01:41.692Z\", \"assignerShortName\": \"apache\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2022-41137

Vulnerability from fkie_nvd - Published: 2024-12-05 10:15 - Updated: 2025-07-15 16:34

Severity ?

8.3 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

Summary

References

URL	Tags
security@apache.org	https://github.com/apache/hive	Product
security@apache.org	https://github.com/apache/hive/commit/60027bb9c91a93affcfebd9068f064bc1f2a74c9	Patch
security@apache.org	https://issues.apache.org/jira/browse/HIVE-26539	Issue Tracking
security@apache.org	https://lists.apache.org/thread/jwtr3d9yovf2wo0qlxvkhoxnwxxyzgts	Mailing List, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2024/12/04/2	Mailing List, Third Party Advisory

Impacted products

	Vendor	Product	Version
	apache	hive	4.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:hive:4.0.0:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "76721527-FDE1-4313-A7BB-7324CEC18C08",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apache Hive\u00a0Metastore (HMS) uses\u00a0SerializationUtilities#deserializeObjectWithTypeInformation\u00a0method when filtering and fetching partitions that is unsafe and\u00a0can lead\u00a0to Remote Code Execution (RCE) since it allows the deserialization of arbitrary data.\n\nIn real deployments, the vulnerability can be exploited only by authenticated users/clients that were able to successfully establish\u00a0a connection to the Metastore. From an API perspective any code that calls the unsafe method may be vulnerable unless it performs additional prerechecks on the input arguments."
    },
    {
      "lang": "es",
      "value": "Apache Hive Metastore (HMS) utiliza el m\u00e9todo SerializationUtilities#deserializeObjectWithTypeInformation al filtrar y obtener particiones, lo que no es seguro y puede provocar una ejecuci\u00f3n de c\u00f3digo remoto (RCE), ya que permite la deserializaci\u00f3n de datos arbitrarios. En implementaciones reales, la vulnerabilidad solo puede ser explotada por usuarios o clientes autenticados que pudieron establecer una conexi\u00f3n exitosa con Metastore. Desde una perspectiva de API, cualquier c\u00f3digo que llame al m\u00e9todo no seguro puede ser vulnerable a menos que realice comprobaciones previas adicionales en los argumentos de entrada."
    }
  ],
  "id": "CVE-2022-41137",
  "lastModified": "2025-07-15T16:34:07.850",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.5,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-12-05T10:15:04.450",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Product"
      ],
      "url": "https://github.com/apache/hive"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/apache/hive/commit/60027bb9c91a93affcfebd9068f064bc1f2a74c9"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://issues.apache.org/jira/browse/HIVE-26539"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/jwtr3d9yovf2wo0qlxvkhoxnwxxyzgts"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2024/12/04/2"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "security@apache.org",
      "type": "Secondary"
    }
  ]
}

GHSA-6HQR-C69M-R76Q

Vulnerability from github – Published: 2024-12-05 12:31 – Updated: 2024-12-05 19:57

Summary

Apache Hive: Deserialization of untrusted data when fetching partitions from the Metastore

Details

In real deployments, the vulnerability can be exploited only by authenticated users/clients that were able to successfully establish a connection to the Metastore. From an API perspective any code that calls the unsafe method may be vulnerable unless it performs additional prerechecks on the input arguments.

Severity ?

8.3 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

7.2 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.hive:hive-exec"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0-alpha-1"
            },
            {
              "fixed": "4.0.0-alpha-2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.0.0-alpha-1"
      ]
    }
  ],
  "aliases": [
    "CVE-2022-41137"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-12-05T19:57:26Z",
    "nvd_published_at": "2024-12-05T10:15:04Z",
    "severity": "HIGH"
  },
  "details": "Apache Hive\u00a0Metastore (HMS) uses\u00a0SerializationUtilities#deserializeObjectWithTypeInformation\u00a0method when filtering and fetching partitions that is unsafe and\u00a0can lead\u00a0to Remote Code Execution (RCE) since it allows the deserialization of arbitrary data.\n\nIn real deployments, the vulnerability can be exploited only by authenticated users/clients that were able to successfully establish\u00a0a connection to the Metastore. From an API perspective any code that calls the unsafe method may be vulnerable unless it performs additional prerechecks on the input arguments.",
  "id": "GHSA-6hqr-c69m-r76q",
  "modified": "2024-12-05T19:57:26Z",
  "published": "2024-12-05T12:31:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41137"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/hive/commit/60027bb9c91a93affcfebd9068f064bc1f2a74c9"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/hive"
    },
    {
      "type": "WEB",
      "url": "https://issues.apache.org/jira/browse/HIVE-26539"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/jwtr3d9yovf2wo0qlxvkhoxnwxxyzgts"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/12/04/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Apache Hive: Deserialization of untrusted data when fetching partitions from the Metastore"
}

GSD-2022-41137

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2022-41137

Aliases

CVE-2022-41137

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-41137",
    "id": "GSD-2022-41137"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-41137"
      ],
      "id": "GSD-2022-41137",
      "modified": "2023-12-13T01:19:32.599728Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2022-41137",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

CNVD-2024-49152

Vulnerability from cnvd - Published: 2024-12-24

Title

Apache Hive代码执行漏洞

Description

Apache Hive是美国阿帕奇（Apache）基金会的一套基于Hadoop（分布式系统基础架构）的数据仓库软件。该软件提供了一个数据集成方法和一种高级的查询语言，以支持在Hadoop上进行大规模数据分析。 Apache Hive存在代码执行漏洞，该漏洞源于在过滤和获取分区时使用的方法不安全，攻击者可利用该漏洞导致远程代码执行。

Severity

高

Patch Name

Apache Hive代码执行漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://lists.apache.org/thread/jwtr3d9yovf2wo0qlxvkhoxnwxxyzgts

Reference

http://www.openwall.com/lists/oss-security/2024/12/04/2

Impacted products

Name
Apache Apache Hive

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-41137",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-41137"
    }
  },
  "description": "Apache Hive\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u57fa\u4e8eHadoop\uff08\u5206\u5e03\u5f0f\u7cfb\u7edf\u57fa\u7840\u67b6\u6784\uff09\u7684\u6570\u636e\u4ed3\u5e93\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u63d0\u4f9b\u4e86\u4e00\u4e2a\u6570\u636e\u96c6\u6210\u65b9\u6cd5\u548c\u4e00\u79cd\u9ad8\u7ea7\u7684\u67e5\u8be2\u8bed\u8a00\uff0c\u4ee5\u652f\u6301\u5728Hadoop\u4e0a\u8fdb\u884c\u5927\u89c4\u6a21\u6570\u636e\u5206\u6790\u3002\n\nApache Hive\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u8fc7\u6ee4\u548c\u83b7\u53d6\u5206\u533a\u65f6\u4f7f\u7528\u7684\u65b9\u6cd5\u4e0d\u5b89\u5168\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://lists.apache.org/thread/jwtr3d9yovf2wo0qlxvkhoxnwxxyzgts",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-49152",
  "openTime": "2024-12-24",
  "patchDescription": "Apache Hive\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u57fa\u4e8eHadoop\uff08\u5206\u5e03\u5f0f\u7cfb\u7edf\u57fa\u7840\u67b6\u6784\uff09\u7684\u6570\u636e\u4ed3\u5e93\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u63d0\u4f9b\u4e86\u4e00\u4e2a\u6570\u636e\u96c6\u6210\u65b9\u6cd5\u548c\u4e00\u79cd\u9ad8\u7ea7\u7684\u67e5\u8be2\u8bed\u8a00\uff0c\u4ee5\u652f\u6301\u5728Hadoop\u4e0a\u8fdb\u884c\u5927\u89c4\u6a21\u6570\u636e\u5206\u6790\u3002\r\n\r\nApache Hive\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u8fc7\u6ee4\u548c\u83b7\u53d6\u5206\u533a\u65f6\u4f7f\u7528\u7684\u65b9\u6cd5\u4e0d\u5b89\u5168\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Hive\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Apache Hive"
  },
  "referenceLink": "http://www.openwall.com/lists/oss-security/2024/12/04/2",
  "serverity": "\u9ad8",
  "submitTime": "2024-12-13",
  "title": "Apache Hive\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-41137 (GCVE-0-2022-41137)

FKIE_CVE-2022-41137

GHSA-6HQR-C69M-R76Q

GSD-2022-41137

CNVD-2024-49152

Tags

Sightings

Nomenclature