Описание
In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apache:ambari:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.5.0:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00907
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-91
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.
EPSS
Процентиль: 75%
0.00907
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-91