CVE-2016-6353

Cloudera Search in CDH before 5.7.0 allows unauthorized document access because Solr Queries by document id can bypass Sentry document-level security via the RealTimeGetHandler...

CVE-2016-6353

CVE-2016-6353 affects Cloudera CDH’s Cloudera Search component. The vulnerability arises in Solr Queries by document ID that can bypass Sentry document-level security via the RealTimeGetHandler, permitting unauthorized access to documents. Affected software is Cloudera CDH with Cloudera Search (p...