Critical severity9.8NVD Advisory· Published Jan 24, 2018· Updated Jun 17, 2026
CVE-2017-15718
CVE-2017-15718
Description
The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store provider used by the NodeManager to YARN Applications.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.hadoop:hadoop-mainMaven | >= 2.7.3, < 2.7.5 | 2.7.5 |
Affected products
2- Apache Software Foundation/Apache Hadoopv5Range: 2.7.3 to 2.7.4
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-mq8p-h798-xcrpghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-15718ghsaADVISORY
- lists.apache.org/thread.html/773c93c2d8a6a52bbe97610c2b1c2ad205b970e1b8c04fb5b2fccad6@%3Cgeneral.hadoop.apache.org%3EghsaWEB
- lists.apache.org/thread.html/773c93c2d8a6a52bbe97610c2b1c2ad205b970e1b8c04fb5b2fccad6%40%3Cgeneral.hadoop.apache.org%3Envd
News mentions
0No linked articles in our index yet.