CVE-2015-4940
Apache Ambari < 2.0.2 - Cleartext Password Exposure in Configuration File
Title source: llmDescription
Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext BigSheets password in a configuration file, which allows local users to obtain sensitive information by reading this file.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1034102
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21969202
Scores
EPSS
0.0012
EPSS Percentile
30.2%
Details
CWE
CWE-200
Status
published
Products (1)
apache/ambari
< 2.0.2
Published
Nov 08, 2015
Tracked Since
Feb 18, 2026