3 matches found
CVE-2017-7677
In environments that use external location for hive tables, Hive Authorizer in Apache Ranger before 0.7.1 should be checking RWX permission for create table...
CVE-2017-7677
CVE-2017-7677 affects the Hive Authorizer in Apache Ranger prior to 0.7.1. In environments using external locations for Hive tables, it should check RWX permissions for create table, but this check is missing, enabling a potential permission-check bypass when creating tables. The issue is address...
Apache Ranger 0.5.x / 0.6.x / 0.7.0 Policy Miss / Permission Check Vulnerability
Apache Ranger versions prior to 0.7.1 suffer from issues where policy evaluation ignores characters after the asterisk wildcard character and the Hive Authorizer fails to check for RWX permission when an external location is specified. Hello: Please find below details on CVEs fixed in Ranger 0.7....