CVE-2016-0733: Improper Authentication

October 17, 2018 (updated September 14, 2021)

The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid username.

References

github.com/advisories/GHSA-j84c-j8qm-g47r
nvd.nist.gov/vuln/detail/CVE-2016-0733

Detect and mitigate CVE-2016-0733 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →