CVE-2016-3086: Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop

Severity: Critical

CVSS Score: 9.8

The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications.