CVE-2018-11785
CVE-2018-11785
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
24 Oct 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but unauthorized user to inject random data into a running query, leading to wrong results for a query.
Affected products
Apache Software Foundation · Apache Impala