CVE-2017-5654

In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3	Vendor Advisory
https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:ambari:2.4.0:::::::*
	cpe:2.3:a:apache:ambari:2.4.1:::::::*
	cpe:2.3:a:apache:ambari:2.5.0:::::::*

History

No history.

Information

Published : 2017-05-12 21:29

Updated : 2024-02-28 15:44

NVD link : CVE-2017-5654

Mitre link : CVE-2017-5654

CVE.ORG link : CVE-2017-5654

JSON object : View

Products Affected

apache

ambari

CWE

CWE-91

XML Injection (aka Blind XPath Injection)

{"id": "CVE-2017-5654", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-05-12T21:29:00.160", "references": [{"url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3", "tags": ["Vendor Advisory"], "source": "security@apache.org"}, {"url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1", "tags": ["Vendor Advisory"], "source": "security@apache.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-91"}]}], "descriptions": [{"lang": "en", "value": "In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes."}, {"lang": "es", "value": "En Ambari 2.4.x en versiones anteriores a la 2.4.3 y en la versi\u00f3n 2.5.0 de Ambari, un usuario autorizado de Ambari Hive View podr\u00eda ganar acceso de lectura no autorizado a archivos almacenados en el host en el que el servidor Ambari ejecuta."}], "lastModified": "2017-05-23T18:44:14.410", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:ambari:2.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "243741C6-FCA5-4E8F-93A6-033144214F31"}, {"criteria": "cpe:2.3:a:apache:ambari:2.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "114B2179-C5A7-4802-9A3C-580BF8153285"}, {"criteria": "cpe:2.3:a:apache:ambari:2.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C282AEEA-8E12-4B62-8535-B23EFFA0D188"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}