CVE-2013-2193

Apache HBase 0.92.x before 0.92.3 and 0.94.x before 0.94.9, when the Kerberos features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
ADJACENT_NETWORK
HIGH
AV:A/AC:H/Au:N/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
apachehbase
0.92.0
apachehbase
0.92.1
apachehbase
0.92.2
apachehbase
0.94.0
apachehbase
0.94.1
apachehbase
0.94.2
apachehbase
0.94.3
apachehbase
0.94.4
apachehbase
0.94.5
apachehbase
0.94.6
apachehbase
0.94.6.1
apachehbase
0.94.7
apachehbase
0.94.8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/96615
http://seclists.org/fulldisclosure/2013/Aug/250
https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html
http://osvdb.org/96615
http://seclists.org/fulldisclosure/2013/Aug/250
https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html