CVE-2016-2174
published 2016-06-13CVE-2016-2174: SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands…
high7.2CVSS 3.0
AVNACLPRHUINSUCHIHAH
SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands via the eventTime parameter to service/plugins/policies/eventTime.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | ranger | — | — |
| apache | ranger | — | — |
| apache | ranger | — | — |