CVE-2016-8746

CVE-2016-8746

EPSS 2.7%

Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true.

Affected products

Apache Software Foundation · Apache Ranger

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger http://www.securityfocus.com/bid/95998