CVE-2021-29215

9.8 CRITICAL

📋 TL;DR

This vulnerability allows remote attackers to bypass access restrictions in HPE Ezmeral Data Fabric's TEZ MapR ecosystem component. It affects systems running vulnerable versions of the TEZ component, potentially enabling unauthorized access to restricted resources. The high CVSS score indicates critical severity.

💻 Affected Systems

Products:
  • HPE Ezmeral Data Fabric TEZ MapR ecosystem component
Versions: Prior to Tez-0.8: mapr-tez-0.8.201907081100-1.noarch; prior to Tez-0.9: mapr-tez-0.9.201907090334-1.noarch; prior to Tez-0.9.2: mapr-tez-0.9.2.0.201907081043-1.noarch
Operating Systems: Linux (RPM-based distributions)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects specific TEZ component versions within HPE Ezmeral Data Fabric deployments

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the TEZ component allowing unauthorized data access, privilege escalation, and potential lateral movement within the data fabric environment.

🟠 Likely Case

Unauthorized access to restricted TEZ resources and data, potentially exposing sensitive information or allowing unauthorized job execution.

🟢 If Mitigated

Limited impact with proper network segmentation and access controls, though the vulnerability still presents a security weakness.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A remotely reachable access-restriction bypass suggests relatively straightforward exploitation once the vulnerability is understood.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Tez-0.8: mapr-tez-0.8.201907081100-1.noarch or later; Tez-0.9: mapr-tez-0.9.201907090334-1.noarch or later; Tez-0.9.2: mapr-tez-0.9.2.0.201907081043-1.noarch or later

Vendor Advisory: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbez04196en_us

Restart Required: Yes

Instructions:

1. Download updated TEZ packages from HPE support portal.
2. Stop TEZ services.
3. Install updated packages using rpm -Uvh.
4. Restart TEZ services.
5. Verify successful update.

🔧 Temporary Workarounds

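Network Isolation (Linux)

Restrict network access to TEZ components using firewall rules:

# Rules are appended in order: the ACCEPT for the trusted network must come before the DROP.
iptables -A INPUT -p tcp --dport [TEZ_PORT] -s [TRUSTED_NETWORK] -j ACCEPT
# Everything else addressed to the TEZ port is dropped.
iptables -A INPUT -p tcp --dport [TEZ_PORT] -j DROP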

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate TEZ components from untrusted networks
  • Enhance monitoring and alerting for unauthorized access attempts to TEZ services

🔍 How to Verify

Check if Vulnerable:

Check TEZ package version: rpm -qa | grep mapr-tez

Check Version:

rpm -qa | grep mapr-tez

Verify Fix Applied:

Run rpm -qa | grep mapr-tez and compare the installed version against the patched versions listed under Official Fix.
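
The comparison described above, as an added example (not HPE's or this page's own tooling): a shell function that classifies a package name from rpm -qa against the fixed builds listed under Official Fix. It assumes the name layout mapr-tez-<branch>.<12-digit build stamp>-<release>.<arch> seen in the version strings on this page; tez_status and tez_audit are hypothetical helper names.

```shell
#!/bin/sh
# Added example: classify a mapr-tez RPM name against the fixed builds on this page.
# Assumed layout: mapr-tez-<branch>.<12-digit build stamp>-<release>.<arch>
# tez_status / tez_audit are hypothetical helper names.

tez_status() {
    pkg=$1
    case $pkg in
        mapr-tez-*) ver=${pkg#mapr-tez-} ;;
        *) echo unknown; return 0 ;;
    esac
    ver=${ver%%-*}      # drop "-<release>.<arch>"
    build=${ver##*.}    # last dotted field is the build stamp
    branch=${ver%.*}    # everything before it is the branch
    case $build in
        ''|*[!0-9]*) echo unknown; return 0 ;;
    esac
    [ "${#build}" -eq 12 ] || { echo unknown; return 0; }
    # Each branch has its own fixed build, so one global threshold would
    # misjudge 0.9.x: the 0.9.2.0 fix is stamped earlier than the 0.9 fix.
    case $branch in
        0.8)     fixed=201907081100 ;;
        0.9)     fixed=201907090334 ;;
        0.9.2.0) fixed=201907081043 ;;
        *) echo unknown; return 0 ;;   # branch not listed on this page
    esac
    if [ "$build" -ge "$fixed" ]; then echo patched; else echo vulnerable; fi
}

# Classify every installed mapr-tez package; prints nothing without rpm.
tez_audit() {
    command -v rpm >/dev/null 2>&1 || return 0
    rpm -qa | grep '^mapr-tez' | while read -r p; do
        printf '%s\t%s\n' "$p" "$(tez_status "$p")"
    done
}

# Constructed sample names (the first is an invented older build).
for p in mapr-tez-0.9.201901010000-1.noarch \
         mapr-tez-0.9.2.0.201907081043-1.noarch; do
    printf '%s\t%s\n' "$p" "$(tez_status "$p")"
done
```

A result of "unknown" means the name did not match the assumed layout or a listed branch and needs manual comparison against the vendor advisory.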

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to TEZ services
  • Unexpected TEZ job submissions
  • Access from unauthorized IP addresses

Network Indicators:

  • Unexpected traffic to TEZ service ports
  • Connection attempts from external networks

SIEM Query:

source="tez.log" AND (event="unauthorized" OR event="access_denied")
