Lucene search

Apache Ranger policy engine incorrectly matches paths in certain conditions

🗓️ 17 Oct 2018 17:05:22Reported by GitHub Advisory DatabaseType

Apache Ranger policy engine path matching issu

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Cvelist	CVE-2016-8746	14 Jun 201717:00	–	cvelist
OSV	CVE-2016-8746	14 Jun 201717:29	–	osv
OSV	Apache Ranger policy engine incorrectly matches paths in certain conditions	17 Oct 201817:22	–	osv
NVD	CVE-2016-8746	14 Jun 201717:29	–	nvd
Veracode	Security Bypass	9 Mar 201703:21	–	veracode
Prion	Design/Logic Flaw	14 Jun 201717:29	–	prion
CVE	CVE-2016-8746	14 Jun 201717:29	–	cve

Vulners

Node

org.apache.ranger ranger-plugins-commonRange<0.6.3

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-8746
cwiki	www.cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger
github	www.github.com/advisories/GHSA-xv7x-x6wr-xx7g
securityfocus	www.securityfocus.com/bid/95998
github	www.github.com/apache/ranger/commit/2fcd7f7cc175c0734443638b99c359e24c0f88ff

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 Oct 2018 17:22Current

5.7Medium risk

Vulners AI Score5.7

CVSS24.3

CVSS35.9

EPSS0.00538

CWE-426