Threat Finder

Threat ID
2776
Threat Date
06/14/2013
Threat Name
Server configuration files protection
CVE Reference
CVE-NO-MATCH
CCE Reference
CCE-NO-MATCH
Risk
High
Database Type
Hadoop
Category
Improper Access Controls
Versions
All versions of Hadoop
Summary
The access to database server configuration files must be limited to appropriate individuals.
Overview
The server configuration files contains sensitive information regarding the configuration of the Hadoop. Operating system access to server configuration files should be restricted.
Verify that only authorized persons or groups have access to read and write to these files.
References
http://wiki.apache.org/hadoop/GettingStartedWithHadoop
VMSKey
STIGID

Additional information including fix script information is available in the licensed versions of Application Security's DbProtect and AppDetectivePro solutions.

Powered by