Vulnerability: Unauthorized Password Change for admin Role Users by keyadmin Role Users in Apache Ranger

Vulnerability: Unauthorized Password Change for admin Role Users by keyadmin Role Users in Apache Ranger

CVE-2016-6815 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

In Apache Ranger before 0.6.2, users with "keyadmin" role should not be allowed to change password for users with "admin" role.

Learn more about our Cis Benchmark Audit For Apache Http Server.