CVE-2016-0731

2016-05-1814:00:00

redhat

www.cve.org

4.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.1%

JSON

The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration.

References

cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1

docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html

issues.apache.org/jira/browse/AMBARI-14780