PT-2025-9504 · Apache · Apache Ranger
김도균
·
Published
2025-03-03
·
Updated
2025-03-06
·
CVE-2024-55532
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Apache Ranger versions prior to 2.6.0
Description
The issue concerns the Export CSV feature in Apache Ranger, where there is an improper neutralization of formula elements. Users are advised to upgrade to a fixed version to address this issue.
Recommendations
For versions prior to 2.6.0, upgrade to version 2.6.0 to fix the issue.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Ranger