[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-16690":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":48,"name":49,"published":50,"updated":34},16690,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},3,"OpenVAS",{"id":25,"codename":34,"description":34,"severity":35,"risk_description":36,"public_description":37,"public_recommendation":38,"recommendation":34,"references":39,"cvssv3":41,"epss_score":42,"epss_percentile":43,"cve":44,"in_cisa_catalog":47,"date":34,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"low","Multiple flaws exist due to: - Weak permissions used for the /var/lib/ambari-agent/data and /var/lib/ambari-agent/keys directories by the agent. - An insufficient validation of user supplied input via targetURI parameter in redirect and forward requests. Success exploitation will allow local users to obtain sensitive information by reading files in the directories and to redirect users to arbitrary web sites and conduct phishing attacks.","Apache Ambari is prone to information disclosure and open redirection vulnerabilities.","Update to version 2.1.2 or later.",[40],"https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities",3.3,0.00959,0.76435,[45,46],"CVE-2016-0707","CVE-2015-5210",false,"NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.808650","Apache Ambari 1.7 - 2.1.1 Information Disclosure Vulnerability","2018-01-02T00:00:00Z"]