PT-2017-15690 · Apache · Apache Atlas

Published

2017-08-29

Updated

2022-05-17

CVE-2017-3154

CVSS v4.0

8.7

High

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating

Description The issue concerns error responses that include stack traces, potentially exposing excessive information.

Recommendations For Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating, consider configuring the error response handling to exclude stack traces, thus minimizing the exposure of sensitive information.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2017-3154

GHSA-FX92-WH72-8G9Q

PYSEC-2017-110

Affected Products

Apache Atlas

PT-2017-15690 · Apache · Apache Atlas

CVE-2017-3154

Weakness Enumeration

Related Identifiers

Affected Products

References · 9