Improper Path Matching in Apache Ranger Policy Engine

Improper Path Matching in Apache Ranger Policy Engine

CVE-2016-8746 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true.

Learn more about our Web Application Penetration Testing UK.