Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data and (2) /var/lib/ambari-agent/keys directories, which allows local users to obtain sensitive information by reading files in the directories.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache Ambari 安全漏洞
Vulnerability Description
Apache Ambari是美国阿帕奇(Apache)软件基金会的一套配置、管理和监控Apache Hadoop集群的工具。该工具支持作业与任务执行的可视化和分析、支持系统报警等。 Apache Ambari 2.1.1及之前版本的代理中存在安全漏洞,该漏洞源于/var/lib/ambari-agent/data和/var/lib/ambari-agent/keys目录使用弱权限。本地攻击者可通过读取目录中的文件利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A