CVE-2017-3154
HIGHApache Atlas 0.6.0-incubating 0.7.0-incubating - Exposure of Sensitive Information via Error Stack Trace
Title source: llmDescription
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information.
References (2)
Core 2
Core References
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea%40%3Cdev.atlas.apache.org%3E
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/100581
Scores
CVSS v3
7.5
EPSS
0.0083
EPSS Percentile
74.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (5)
apache/atlas
0.6.0 (3 CPE variants)
apache/atlas
0.7.0 (3 CPE variants)
Apache Software Foundation/Apache Atlas
0.6.0-incubating
Apache Software Foundation/Apache Atlas
0.7.0-incubating
org.apache.atlas/atlas-common
0.6.0-incubating - 0.7.1-incubatingMaven
Published
Aug 29, 2017
Tracked Since
Feb 18, 2026