CVE-2016-6605 โ€” Improper Access Control in CDH

CWE-284 โ€” Improper Access Control3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 56.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cloudera CDH
Timeline
PublishedApr 10
Latest updateMay 17

Description

Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

โ–ถNVDcloudera/cdh43 versions+42

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-hvcq-wqg4-xggp: Impala in CDH 5โ†—2022-05-17
โ–ถ
CVEList
CVE-2016-6605: Impala in CDH 5โ†—2017-04-10
โ–ถ
CVE-2016-6605 โ€” Improper Access Control in Cloudera CDH | cvebase