fkie_nvd - fkie_cve-2016-6605

fkie_cve-2016-6605

Vulnerability from fkie_nvd

Published

2017-04-10 14:59

Modified

2025-04-20 01:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization.

References

▶	URL	Tags
	cve@mitre.org	https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_all_product_issues.html#tsb_174
	af854a3a-2127-422b-91ae-364da2661108	https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_all_product_issues.html#tsb_174

Impacted products

Vendor	Product	Version
cloudera	cdh	5.2.0
cloudera	cdh	5.2.1
cloudera	cdh	5.2.2
cloudera	cdh	5.2.3
cloudera	cdh	5.2.4
cloudera	cdh	5.2.5
cloudera	cdh	5.2.6
cloudera	cdh	5.3.0
cloudera	cdh	5.3.1
cloudera	cdh	5.3.2
cloudera	cdh	5.3.3
cloudera	cdh	5.3.4
cloudera	cdh	5.3.5
cloudera	cdh	5.3.6
cloudera	cdh	5.3.7
cloudera	cdh	5.3.8
cloudera	cdh	5.3.9
cloudera	cdh	5.3.10
cloudera	cdh	5.4.0
cloudera	cdh	5.4.1
cloudera	cdh	5.4.2
cloudera	cdh	5.4.3
cloudera	cdh	5.4.4
cloudera	cdh	5.4.5
cloudera	cdh	5.4.6
cloudera	cdh	5.4.7
cloudera	cdh	5.4.8
cloudera	cdh	5.4.9
cloudera	cdh	5.4.10
cloudera	cdh	5.4.11
cloudera	cdh	5.5.0
cloudera	cdh	5.5.1
cloudera	cdh	5.5.2
cloudera	cdh	5.5.3
cloudera	cdh	5.5.4
cloudera	cdh	5.5.5
cloudera	cdh	5.5.6
cloudera	cdh	5.6.0
cloudera	cdh	5.6.1
cloudera	cdh	5.7.0
cloudera	cdh	5.7.1
cloudera	cdh	5.7.2
cloudera	cdh	5.8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D6CC1BD-4A89-4E35-9960-663C3680AB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBF2BFFA-9C9D-40C8-A5E1-F7D7F72044B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9ACDD34-8043-4F94-8BE2-FC836575338C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6EA6D-5473-41AE-81F1-9996AD458BF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEAC2D81-4B44-49BE-883A-5477320AE8DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6034866D-A896-4AFE-9EDF-E021CA1C4CFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "814B29A3-5EF3-4225-A2D3-F1714484FB7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "613FF93C-3186-48E4-B549-66FDF52B361B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7F056A-1186-43ED-B748-D8ECFDF4311F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "471102DD-5589-4A46-A733-27127B292D4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "72E0B0E1-4A7B-4364-BE3E-426C66E16CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EAB1666-E7EF-4652-9972-94FB1ACB3FF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83792524-F31C-48A8-9C0A-27806F58E974",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "92A1893E-108B-451C-8663-756A420DA54C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5FFBA45-DD76-49AB-B6E9-E7247E72E9F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE6261D0-B6AA-455C-8C72-2839649B2509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "510E937F-9CB0-4E07-B928-26492AE107A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28AFA4C-AD43-47D2-99E6-E1C8A94908AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D673E85-1456-4100-AC62-84EB2AD69481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAB77F6D-801E-4C1A-BFBE-0FB9AE7AEA3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BBCD80-7158-4B3B-941E-A94A567688A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "98341E9C-2B10-4460-80B3-0287ED89BCF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD5D5EAD-4869-41D0-9144-A50222D1447E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EB6DC29-9762-4AF8-B521-BC6F60D3294D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A05A540-C651-4651-B553-9FC6C621604E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9D7D3A6-B0EB-45CA-8EB5-60E2938A6BC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "57726EB2-58C2-4407-879D-47404D4F7253",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E23D25C-EAC3-450A-81DF-B2889A6BE73E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "76E9BDD1-0485-418E-8A75-2846D448451B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "95F81F00-56F5-4C17-ABDB-E1670A48F7D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DBD38CA-E5E3-450C-B5CF-5ACDF99924CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F6F68F4-538B-4080-847A-300C168FC258",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2E3282-8F74-43C7-8C2B-984B58F86D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC306BB1-E01C-43E1-ACE1-759A703D5D57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "858B8A48-5835-49E5-9CA8-EAEAAA6597DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F27CA3DE-DA96-41A7-931C-3DEEEBE8D833",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB7B6FED-5A57-403C-83E4-8D9780EA1B63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0821458-EDDC-457C-9211-E3B5A34EFDBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B445F1D2-CB34-4BC8-B870-D7CF065EC36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7922C91D-F7C9-48ED-BDAE-8C88DEB3EA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2304AA62-575C-4144-840C-0BFD98F89A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF9E5E9-F8A3-434D-A185-C38258B5D2C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudera:cdh:5.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF78A4BF-BC24-4DE0-8961-A9BB6564CA7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization."
    },
    {
      "lang": "es",
      "value": "Impala en CDH desde 5.2.0 hasta la versi\u00f3n 5.7.2 y 5.8.0 permite a atacantes remotos eludir la autorizaci\u00f3n de Setry."
    }
  ],
  "id": "CVE-2016-6605",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-10T14:59:00.247",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_all_product_issues.html#tsb_174"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_all_product_issues.html#tsb_174"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2016-6605 (GCVE-0-2016-6605)

Vulnerability from cvelistv5

Published

2017-04-10 14:00

Modified

2024-08-06 01:36

Severity ?

CWE

Summary

Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization.

References

►

URL

Tags

https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_all_product_issues.html#tsb_174

x_refsource_CONFIRM