CVE-2017-7676

CVE-2017-7676

EPSS 4.2%

Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '*' wildcard character - like my*test, test*.txt. This can result in unintended behavior.

Affected products

Apache Software Foundation · Apache Ranger

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger http://www.securityfocus.com/bid/98958