In Apache Ranger before 0.6.2, users with "keyadmin" role should not be allowed to change password for users with "admin" role.
{
"unresolved_ranges": [
{
"cpes": [
"cpe:2.3:a:apache:ranger:0.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:apache:ranger:0.5.0:*:*:*:*:*:*:*",
"cpe:2.3:a:apache:ranger:0.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:apache:ranger:0.5.2:*:*:*:*:*:*:*",
"cpe:2.3:a:apache:ranger:0.5.3:*:*:*:*:*:*:*",
"cpe:2.3:a:apache:ranger:0.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:apache:ranger:0.6.1:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "0.4.0"
},
{
"last_affected": "0.4.0"
},
{
"introduced": "0.5.0"
},
{
"last_affected": "0.5.0"
},
{
"introduced": "0.5.1"
},
{
"last_affected": "0.5.1"
},
{
"introduced": "0.5.2"
},
{
"last_affected": "0.5.2"
},
{
"introduced": "0.5.3"
},
{
"last_affected": "0.5.3"
},
{
"introduced": "0.6.0"
},
{
"last_affected": "0.6.0"
},
{
"introduced": "0.6.1"
},
{
"last_affected": "0.6.1"
}
],
"vendor_product": "apache:ranger",
"source": "CPE_STRING"
}
]
}