PT-2017-16638 · Apache · Ambari
Published
2017-04-03
·
Updated
2019-10-03
·
CVE-2017-5642
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Ambari versions 2.4.0 through 2.4.2
Description
The issue occurs during the installation of Ambari, where Ambari Server artifacts are not created with proper Access Control Lists (ACLs). ACLs are used to define permissions and access rights to resources.
Recommendations
For Ambari versions 2.4.0 through 2.4.2, consider reconfiguring the installation process to ensure proper ACLs are applied to Ambari Server artifacts.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ambari