CNNVD-202508-1430 Information

CNNVD ID

CNNVD-202508-1430

Related CVE

CVE-2025-8904

• CNNVD Published: 2025-08-13

Description (Chinese)

Amazon EMR是美国亚马逊（Amazon）公司的一个托管集群平台。 Amazon EMR存在安全漏洞，该漏洞源于/tmp/目录中存储的keytab文件可能导致权限提升。

Description (English)

Amazon EMR is a hosting cluster platform for Amazon America. Amazon EMR has a security loophole, which originates from the keytab files stored in/tmp/dir.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

亚马逊

Published

2025-08-13

Last Modified

2026-02-24

References

https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-release-app-versions-7.x.html https://aws.amazon.com/security/security-bulletins/AWS-2025-017/ https://access.redhat.com/security/cve/cve-2025-8904

Patch

https://aws.amazon.com/cn/security/security-bulletins/AWS-2025-017/