TSB 2017-237: Keystore password for the Spark History Server not properly secured

asked Aug 20, 2017 in Hadoop by admin (4,410 points)
Summary

The keystore password for the Spark History Server is exposed in a world-readable file. The keystore file itself is not exposed.

Users with TLS enabled for the Spark History Server have the keystore password exposed in a world-readable file on the machine running the Spark History Server. The keystore file requiring the password is not exposed.

The password is also visible in the Cloudera Manager UI, by looking at the Spark History Server process’s configuration files.

CVE: CVE-2017-9326
Date/time of detection: April 18, 2017

Applies To

Cloudera Manager 5.11.0


Upgrade to Cloudera Manager 5.11.1 or higher.
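
A check an administrator could run for this class of exposure, added here as an example and not taken from the advisory or from Cloudera: it walks a configuration directory and reports keystore password properties found in files that have the world-readable bit set. The directory argument and the `keyStorePassword` property-name pattern are assumptions; the advisory names neither.

```python
import os
import re
import stat
import sys

# Assumption: the password is stored under a property whose name ends in
# "keyStorePassword", as in Spark's spark.ssl.* settings.
KEY_RE = re.compile(r"^\s*([\w.]*keystorepassword)\s*[=:\s]\s*\S", re.IGNORECASE)


def find_exposed_passwords(root):
    """Return (path, line_no, key) for each keystore password property found
    in a regular file under root that has the world-readable bit set."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue
            # Skip symlinks, sockets, etc. and files "other" cannot read.
            if not stat.S_ISREG(st.st_mode) or not st.st_mode & stat.S_IROTH:
                continue
            try:
                with open(path, "r", errors="replace") as fh:
                    for line_no, line in enumerate(fh, 1):
                        m = KEY_RE.match(line)
                        if m:
                            # Record the key name only, never the secret value.
                            findings.append((path, line_no, m.group(1)))
            except OSError:
                continue
    return findings


if __name__ == "__main__":
    # Usage: python check_keystore_perms.py <config-dir>
    # The directory is site-specific; the advisory does not name it.
    hits = find_exposed_passwords(sys.argv[1])
    for path, line_no, key in hits:
        print(f"{path}:{line_no}: {key} is in a world-readable file")
    sys.exit(1 if hits else 0)
```

Parent-directory permissions are not evaluated, so a hit marks a file to inspect rather than proving that every local user can reach it.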
