4 matches found
CVE-2022-45048
Authenticated users with appropriate privileges can create policies having expressions that can exploit code execution vulnerability. This issue affects Apache Ranger: 2.3.0. Users are recommended to update to version 2.4.0...
CVE-2022-45048
Authenticated users with appropriate privileges can create policies having expressions that can exploit code execution vulnerability. This issue affects Apache Ranger: 2.3.0. Users are recommended to update to version 2.4.0...
CVE-2022-45048
Affected product: Apache Ranger (v2.3.0). Issue: code execution vulnerability via injectable policy expressions in created policies. Root cause (as stated): authenticated users with appropriate privileges can craft expressions that trigger execution. Impact: CVSS high, enabling total compromise p...
CVE-2022-45048 Apache Ranger: code execution vulnerability in policy expressions
Authenticated users with appropriate privileges can create policies having expressions that can exploit code execution vulnerability. This issue affects Apache Ranger: 2.3.0. Users are recommended to update to version 2.4.0...