Rewterz Threat Advisory – CVE-2021-25642 – Apache Hadoop Vulnerability
August 27, 2022Rewterz Threat Alert – LockBit 3.0 Ransomware – Active IOCs
August 27, 2022Rewterz Threat Advisory – CVE-2021-25642 – Apache Hadoop Vulnerability
August 27, 2022Rewterz Threat Alert – LockBit 3.0 Ransomware – Active IOCs
August 27, 2022Severity
High
Analysis Summary
CVE-2022-22728
Apache libapreq2 is vulnerable to a denial of service, caused by a buffer overflow while processing multipart form uploads. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the process to crash, and results in a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-22728
Affected Vendors
Apache
Affected Products
- Apache Hadoop 3.0.0-alpha
- Apache Hadoop 2.9.0
- Apache Hadoop 2.10.1
- Apache Hadoop 3.3.0
Remediation
Upgrade to the latest version of Apache Hadoop, available from the Apache Website.