CVE-2017-5655

Source
https://cve.org/CVERecord?id=CVE-2017-5655
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-5655.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-5655
Published
2017-05-15T14:29:00.213Z
Modified
2026-07-08T10:55:27.985664Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host.

References

Affected packages

Git / github.com/apache/ambari

Affected ranges

Type
GIT
Repo
https://github.com/apache/ambari
Events
Database specific
{
    "source": "CPE_STRING",
    "cpe": [
        "cpe:2.3:a:apache:ambari:2.2.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.2.2:rc0:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.2.2:rc1:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.4.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.4.0:rc0:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.4.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.4.1:rc1:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.4.1:rc0:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.4.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.4.2:rc1:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.4.2:rc0:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.5.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.5.0:rc2:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.5.0:rc0:*:*:*:*:*:*",
        "cpe:2.3:a:apache:ambari:2.5.0:rc1:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "2.2.2"
        },
        {
            "last_affected": "2.2.2"
        },
        {
            "introduced": "2.2.2-rc0"
        },
        {
            "last_affected": "2.2.2-rc0"
        },
        {
            "introduced": "2.2.2-rc1"
        },
        {
            "last_affected": "2.2.2-rc1"
        },
        {
            "introduced": "2.4.0"
        },
        {
            "last_affected": "2.4.0"
        },
        {
            "introduced": "2.4.0-rc0"
        },
        {
            "last_affected": "2.4.0-rc0"
        },
        {
            "introduced": "2.4.1"
        },
        {
            "last_affected": "2.4.1"
        },
        {
            "introduced": "2.4.1-rc1"
        },
        {
            "last_affected": "2.4.1-rc1"
        },
        {
            "introduced": "2.4.1-rc0"
        },
        {
            "last_affected": "2.4.1-rc0"
        },
        {
            "introduced": "2.4.2"
        },
        {
            "last_affected": "2.4.2"
        },
        {
            "introduced": "2.4.2-rc1"
        },
        {
            "last_affected": "2.4.2-rc1"
        },
        {
            "introduced": "2.4.2-rc0"
        },
        {
            "last_affected": "2.4.2-rc0"
        },
        {
            "introduced": "2.5.0"
        },
        {
            "last_affected": "2.5.0"
        },
        {
            "introduced": "2.5.0-rc2"
        },
        {
            "last_affected": "2.5.0-rc2"
        },
        {
            "introduced": "2.5.0-rc0"
        },
        {
            "last_affected": "2.5.0-rc0"
        },
        {
            "introduced": "2.5.0-rc1"
        },
        {
            "last_affected": "2.5.0-rc1"
        }
    ]
}

Affected versions

2.*
2.2.2
2.2.2-rc0
2.2.2-rc1
2.4.0
2.4.1
2.4.1-rc0
2.4.2
2.4.2-rc0
2.5.0
2.5.0-rc0
2.5.0-rc1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-5655.json"