CVE-2013-2193

Apache HBase 0.92.x before 0.92.3 and 0.94.x before 0.94.9, when the Kerberos features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
ADJACENT_NETWORK
HIGH
AV:A/AC:H/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
apachehbase
0.92.0
apachehbase
0.92.1
apachehbase
0.92.2
apachehbase
0.94.0
apachehbase
0.94.1
apachehbase
0.94.2
apachehbase
0.94.3
apachehbase
0.94.4
apachehbase
0.94.5
apachehbase
0.94.6
apachehbase
0.94.6.1
apachehbase
0.94.7
apachehbase
0.94.8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/96615
http://seclists.org/fulldisclosure/2013/Aug/250
https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html
http://osvdb.org/96615
http://seclists.org/fulldisclosure/2013/Aug/250
https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html