2 matches found
CVE-2019-10084
In Apache Impala 2.7.0 to 3.2.0, an authenticated user with access to the IDs of active Impala queries or sessions can interact with those sessions or queries via a specially-constructed request and thereby potentially bypass authorization and audit mechanisms. Session and query IDs are unique an...
CVE-2019-10084
CVE-2019-10084 affects Apache Impala 2.7.0 to 3.2.0. An authenticated user who can observe the IDs of active queries or sessions can craft requests to interact with those sessions/queries, potentially bypassing authorization and audit controls. Root causes noted include: session/query IDs are uni...