Cloudera Search in CDH before 5.7.0 allows unauthorized document access because Solr Queries by document id can bypass Sentry document-level security via the RealTimeGetHandler.
References
Link | Resource |
---|---|
https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#tsb_165 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-11-26T13:48:22
Updated: 2019-11-26T13:48:22
Reserved: 2016-07-26T00:00:00
Link: CVE-2016-6353
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-11-26T14:15:11.330
Modified: 2019-12-12T14:31:15.583
Link: CVE-2016-6353
JSON object: View
Redhat Information
No data.
CWE