CVE-2016-2174 in Ranger
Resumen (Inglés)
SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands via the eventTime parameter to service/plugins/policies/eventTime.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Reservar
2016-01-29
Divulgación
2016-06-13
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 87888 | Apache Ranger Policy Admin Tool eventTime inyección SQL | 89 | No está definido | Arreglo oficial | CVE-2016-2174 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV