CVE-2014-3582

2017-03-2920:00:00

redhat

www.cve.org

9.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.3%

JSON

In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary system commands on the Ambari Server host while generating SSL certificates for hosts in an Ambari cluster.

References

cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0