CVE-2016-4976

CVSS v3.0 5.5 (Medium)

CVSS v2.0 2.1 (Low)

EPSS 0.04 % (5^th)

Affected Products 1

Advisories 1

Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing.

Weaknesses

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2017-03-29 20:59:00
(7 years ago)
Updated Date: 2017-04-03 15:14:29
(7 years ago)

Affected Products

Apache

Ambari

Configuration #1

		CPE23	From	Up To
	Apache Ambari 2.0.0	cpe:2.3:a:apache:ambari:2.0.0
	Apache Ambari 2.0.1	cpe:2.3:a:apache:ambari:2.0.1
	Apache Ambari 2.0.2	cpe:2.3:a:apache:ambari:2.0.2
	Apache Ambari 2.1.0	cpe:2.3:a:apache:ambari:2.1.0
	Apache Ambari 2.1.1	cpe:2.3:a:apache:ambari:2.1.1
	Apache Ambari 2.1.2	cpe:2.3:a:apache:ambari:2.1.2
	Apache Ambari 2.2.0	cpe:2.3:a:apache:ambari:2.2.0
	Apache Ambari 2.2.1	cpe:2.3:a:apache:ambari:2.2.1
	Apache Ambari 2.2.2	cpe:2.3:a:apache:ambari:2.2.2