Ranger@0.5.0 Security Vulnerabilities and Issues — Ranger@0.5.0 CVE List

Lucene search

ApacheRanger0.5.0

3 matches found

CVE•added 2017/10/13 2:29 p.m.•62 views

CVE-2016-6815

In Apache Ranger before 0.6.2, users with "keyadmin" role should not be allowed to change password for users with "admin" role.

6.5CVSS6.5AI score0.00495EPSS

CVE•added 2016/06/13 2:59 p.m.•60 views

CVE-2016-2174

SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands via the eventTime parameter to service/plugins/policies/eventTime.

7.2CVSS7.2AI score0.00576EPSS

CVE•added 2016/04/11 7:59 p.m.•35 views

CVE-2016-0735

Apache Ranger 0.5.x before 0.5.2 allows remote authenticated users to bypass intended parent resource-level access restrictions by leveraging mishandling of a resource-level exclude policy.

8.8CVSS8.3AI score0.00145EPSS