oss-sec mailing list archives
[CVE-2016-0731] Apache Ambari: Ambari File Browser View security vulnerability
From: Yusaku Sako <yusaku () hortonworks com>
Date: Tue, 17 May 2016 01:27:14 +0000
CVE-2016-0731: Ambari File Browser View security vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: 1.7.0 to 2.2.0 Versions Fixed: 2.2.1 Description: Ambari File Browser View, depending on how it is configured, allows an Ambari admin user to gain access to Ambari Server's local file system. Mitigation: Ambari users should upgrade to versions 2.2.1 or above. Reference: https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities
Current thread:
- [CVE-2016-0731] Apache Ambari: Ambari File Browser View security vulnerability Yusaku Sako (May 16)