Vulnerability Details CVE-2015-5167
The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote authenticated users to bypass intended access restrictions via the REST API.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.5%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- http://www.securityfocus.com/bid/82871
- https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger
- https://mail-archives.apache.org/mod_mbox/ranger-dev/201602.mbox/%3CD2D9A4C5.114ECA%25vel%40apache.org%3E
- http://www.securityfocus.com/bid/82871
- https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger
- https://mail-archives.apache.org/mod_mbox/ranger-dev/201602.mbox/%3CD2D9A4C5.114ECA%25vel%40apache.org%3E