Search for vulnerabilities
Vulnerability details: VCID-xx1y-etyu-zfhv
Vulnerability ID VCID-xx1y-etyu-zfhv
Aliases CVE-2012-1574
GHSA-c6f9-4pmv-m7m6
Summary Apache Hadoop allows impersonation of arbitrary cluster user accounts The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-287 Improper Authentication
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-310 Cryptographic Issues
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2012-1574
generic_textual MODERATE https://github.com/apache/hadoop
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2012-1574
generic_textual MODERATE https://seclists.org/fulldisclosure/2012/Apr/70
generic_textual MODERATE https://web.archive.org/web/20120720041621/https://ccp.cloudera.com/display/DOC/Cloudera+Security+Bulletin#ClouderaSecurityBulletin-MapReducewithSecurity
generic_textual MODERATE https://web.archive.org/web/20151001135054/http://archives.neohapsis.com/archives/bugtraq/2012-04/0051.html
generic_textual MODERATE https://web.archive.org/web/20161215212154/https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html#topic_1_0_2
generic_textual MODERATE https://web.archive.org/web/20200229125105/http://www.securityfocus.com/bid/52939
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2012-1574
https://github.com/apache/hadoop
https://nvd.nist.gov/vuln/detail/CVE-2012-1574
https://seclists.org/fulldisclosure/2012/Apr/70
https://web.archive.org/web/20120720041621/https://ccp.cloudera.com/display/DOC/Cloudera+Security+Bulletin#ClouderaSecurityBulletin-MapReducewithSecurity
https://web.archive.org/web/20151001135054/http://archives.neohapsis.com/archives/bugtraq/2012-04/0051.html
https://web.archive.org/web/20161215212154/https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html#topic_1_0_2
https://web.archive.org/web/20200229125105/http://www.securityfocus.com/bid/52939
GHSA-c6f9-4pmv-m7m6 https://github.com/advisories/GHSA-c6f9-4pmv-m7m6
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.53748
EPSS Score 0.00312
Published At June 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-01T12:27:00.766997+00:00 GithubOSV Importer Import https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-c6f9-4pmv-m7m6/GHSA-c6f9-4pmv-m7m6.json 36.1.3