CVE-2018-11785
published 2018-10-24CVE-2018-11785: Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but unauthorized user to inject random data into a running query…
medium6.5CVSS 3.0
AVNACLPRLUINSUCNIHAN
Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but unauthorized user to inject random data into a running query, leading to wrong results for a query.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | impala | < 3.0.1 | 3.0.1 |
| apache_software_foundation | apache_impala | — | — |