Описание
SQL injection vulnerability in the policy admin tool in Apache Ranger
SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands via the eventTime parameter to service/plugins/policies/eventTime.
Пакеты
Наименование
org.apache.ranger:ranger
maven
Затронутые версииВерсия исправления
< 0.5.3
0.5.3
Связанные уязвимости
CVSS3: 7.2
nvd
больше 9 лет назад
SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands via the eventTime parameter to service/plugins/policies/eventTime.