Apache Ranger 0.5.x Resource-Level Access Bypass Vulnerability

Apache Ranger 0.5.x Resource-Level Access Bypass Vulnerability

CVE-2016-0735 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Apache Ranger 0.5.x before 0.5.2 allows remote authenticated users to bypass intended parent resource-level access restrictions by leveraging mishandling of a resource-level exclude policy.

Learn more about our User Device Pen Test.