Описание
In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host.
Ссылки
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apache:ambari:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.2.2:rc0:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.2.2:rc1:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.4.0:rc0:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.4.1:rc0:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.4.1:rc1:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.4.2:rc0:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.4.2:rc1:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.5.0:rc0:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.5.0:rc1:*:*:*:*:*:*
cpe:2.3:a:apache:ambari:2.5.0:rc2:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00149
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host.
EPSS
Процентиль: 36%
0.00149
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200