No MapR Impact: CVE-2016-5393 Privilege Escalation Vulnerability in Apache Hadoop

This section describes a security issue in Apache Hadoop HDFS. MapR is not impacted.

Vulnerability An authorization issue impacting Apache Hadoop HDFS NameNode functionality allows a remote, potentially lesser-privileged, user to run arbitrary commands with the same privileges as the HDFS service. MapR-FS is not impacted, since the NameNode service is not used.
Mitigation MapR is not impacted.
Products Affected No MapR products are affected.
Impact MapR routinely monitors Hadoop exploits to determine if your MapR environment might be impacted. Currently, MapR users are not impacted by this vulnerability (or the current exploits related to this vulnerability) because MapR does not use NameNode. Apache Hadoop remote users authenticated with the HDFS NameNode might run arbitrary commands as the hdfs user. Performance and other resources might be impacted in an Apache Hadoop environment, not a MapR environment.
Severity Critical for Apache Hadoop HDFS NameNode users, not MapR-FS users.
Bug Tracking No related MapR bugs.
References