CVE-2016-6605

Published: Apr 10, 2017Modified: May 13, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization.

Affected (43)

Products: Cloudera: Cdh

1 product

Configuration A

43 vulnerable

Vulnerable Software	Affected Versions
Cloudera Cdh	Version 5.2.0
Cloudera Cdh	Version 5.2.1
Cloudera Cdh	Version 5.2.2
Cloudera Cdh	Version 5.2.3
Cloudera Cdh	Version 5.2.4
Cloudera Cdh	Version 5.2.5
Cloudera Cdh	Version 5.2.6
Cloudera Cdh	Version 5.3.0
Cloudera Cdh	Version 5.3.10
Cloudera Cdh	Version 5.3.1
Cloudera Cdh	Version 5.3.2
Cloudera Cdh	Version 5.3.3
Cloudera Cdh	Version 5.3.4
Cloudera Cdh	Version 5.3.5
Cloudera Cdh	Version 5.3.6
Cloudera Cdh	Version 5.3.7
Cloudera Cdh	Version 5.3.8
Cloudera Cdh	Version 5.3.9
Cloudera Cdh	Version 5.4.0
Cloudera Cdh	Version 5.4.10
Cloudera Cdh	Version 5.4.11
Cloudera Cdh	Version 5.4.1
Cloudera Cdh	Version 5.4.2
Cloudera Cdh	Version 5.4.3
Cloudera Cdh	Version 5.4.4
Cloudera Cdh	Version 5.4.5
Cloudera Cdh	Version 5.4.6
Cloudera Cdh	Version 5.4.7
Cloudera Cdh	Version 5.4.8
Cloudera Cdh	Version 5.4.9
Cloudera Cdh	Version 5.5.0
Cloudera Cdh	Version 5.5.1
Cloudera Cdh	Version 5.5.2
Cloudera Cdh	Version 5.5.3
Cloudera Cdh	Version 5.5.4
Cloudera Cdh	Version 5.5.5
Cloudera Cdh	Version 5.5.6
Cloudera Cdh	Version 5.6.0
Cloudera Cdh	Version 5.6.1
Cloudera Cdh	Version 5.7.0
Cloudera Cdh	Version 5.7.1
Cloudera Cdh	Version 5.7.2
Cloudera Cdh	Version 5.8.0

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_all_product_issues.html#tsb_174

Source: cve@mitre.org

https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_all_product_issues.html#tsb_174

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.