CVE-2016-4572 โ€” Incorrect Authorization in CDH

CWE-863 โ€” Incorrect Authorization3 documents3 sources
Severity
8.8HIGHNVD
EPSS
0.3%
top 44.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cloudera CDH
Timeline
PublishedNov 26
Latest updateMay 24

Description

In Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

โ–ถNVDcloudera/cdh8 versions+7

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-8p8c-cxfr-wq57: In Cloudera CDH before 5โ†—2022-05-24
โ–ถ
CVEList
CVE-2016-4572: In Cloudera CDH before 5โ†—2019-11-26
โ–ถ
CVE-2016-4572 โ€” Incorrect Authorization in Cloudera CDH | cvebase