PT-2017-9782 · Apache · Apache Atlas

Published: 2017-08-29 · Updated: 2022-05-17 · CVE-2016-8752

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Apache Atlas versions 0.6.0 (incubating) through 0.7.1 (incubating)

Description

The issue allows access to the webapp directory contents by pointing to URIs like /js and /img.

Recommendations

For Apache Atlas versions 0.6.0 (incubating) through 0.7.1 (incubating), consider restricting access to the webapp directory to minimize the risk of exploitation.

Fix

Improper Access Control

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2016-8752
GHSA-M2RR-H6G4-9CM9
PYSEC-2017-105

Affected Products

Apache Atlas