CVE-2017-5654

In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to…

apache·CWE-91·Published 2017-05-12

CVSS

—

EPSS

0.02

KEV

Exploits

cve.orgen

191 chars

In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.

NVDen

191 chars

In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.

NVDes

242 chars

En Ambari 2.4.x en versiones anteriores a la 2.4.3 y en la versión 2.5.0 de Ambari, un usuario autorizado de Ambari Hive View podría ganar acceso de lectura no autorizado a archivos almacenados en el host en el que el servidor Ambari ejecuta.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.0	Primary	NVD	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N