5.9

CVE-2017-7677

In environments that use external location for hive tables, Hive Authorizer in Apache Ranger before 0.7.1 should be checking RWX permission for create table.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheRanger Version <= 0.7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.61% 0.834
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger
Vendor Advisory
Release Notes
http://www.securityfocus.com/bid/98961
Third Party Advisory
VDB Entry