1. Home
  2. CVEs with refmap.mlist==[ranger-dev] 20160205 CVE update (CVE-2015-5167 & CVE-2016-0733) - Fixed in Ranger 0.5.1
Max CVSS 7.5 Min CVSS 4.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-0733 7.5
The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid username.
19-04-2016 - 03:44 12-04-2016 - 14:59
CVE-2015-5167 4.0
The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote authenticated users to bypass intended access restrictions via the REST API.
13-04-2016 - 23:19 12-04-2016 - 14:59
Back to Top Mark selected
Back to Top