HomePentest-Tools.com Logo

Apache Ambari 2.2.2 - 2.4.2, 2.5.0 Information Disclosure Vulnerability CVE-2017-5655

Severity
CVSSv3 Score
6.5
Vulnerability description

Apache Ambari might expose sensitive data to system users.

Risk description

Sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host which might cause an exposure of sensitive data.

Recommendation

Update to version 2.4.3/2.5.1 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
May 15, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available