← Retour aux CVEs
CVE-2016-6807
N/ADescription
Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process.
Details CVE
Score CVSS v3.1N/A
Publie3/28/2017
Derniere modification4/20/2025
Sourcenvd
Observations honeypot0
Produits affectes
apache:ambari
Faiblesses (CWE)
CWE-284
References
http://www.securityfocus.com/bid/97184(security@apache.org)
https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2(security@apache.org)
http://www.securityfocus.com/bid/97184(af854a3a-2127-422b-91ae-364da2661108)
https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.