CVE-2016-6815

Summary

In Apache Ranger before 0.6.2, users with "keyadmin" role should not be allowed to change password for users with "admin" role.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Ranger0.5.xaffected
Apache Software FoundationApache Ranger0.6.0affected
Apache Software FoundationApache Ranger0.6.1affected

Weaknesses

  • Incorrect Privileges

ADP Enrichment

CVE Program Container

Additional References

References