Apache Impala: Unauthorized User Data Injection Vulnerability

Apache Impala: Unauthorized User Data Injection Vulnerability

CVE-2018-11785 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but unauthorized user to inject random data into a running query, leading to wrong results for a query.

Learn more about our Cis Benchmark Audit For Apache Http Server.