Severity
High
Analysis Summary
CVE-2022-26612
Apache Hadoop for Windows could allow a remote attacker to bypass security restrictions, caused by a flaw in the unTar function. By persuading a victim to open a specially-crafted TAR archive file, an attacker could exploit this vulnerability to write arbitrary files on the system.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-26612
Affected Vendors
- Apache
Affected Products
- Apache Hadoop
Remediation
Upgrade to the latest version of Apache Hadoop, available from the Apache Web site.