CVE Daily

CVE-2016-6656

An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation of extern...

High CVSS 7.2

Overview

An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation of external tables using GPHDFS protocol has a vulnerability whereby arbitrary commands can be injected into the system. In order to exploit this vulnerability the user must have superuser 'gpadmin' access to the system or have been granted GPHDFS protocol permissions in order to create a GPHDFS external table.

CWE: CWE-77 Published: 2016-12-16T09:59:00.230
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.2 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags