Design/Logic Flaw

2016-05-1814:59:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

36.1%

JSON

The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration.

CPENameOperatorVersion
ambarile2.2.0

CPE	Name	Operator	Version
	ambari	le	2.2.0

References

cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities

docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html

issues.apache.org/jira/browse/AMBARI-14780