exploitDog

GHSA-4jv4-cqp4-66cr

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but unauthorized user to inject random data into a running query, leading to wrong results for a query.

Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but unauthorized user to inject random data into a running query, leading to wrong results for a query.

Ссылки

EPSS

Процентиль: 30%

0.00108

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2018-11785

CVSS3: 6.5

nvd

больше 7 лет назад

Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but unauthorized user to inject random data into a running query, leading to wrong results for a query.

EPSS

Процентиль: 30%

0.00108

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-862