Medium severity5.5NVD Advisory· Published Mar 29, 2017· Updated May 13, 2026
CVE-2016-4976
CVE-2016-4976
Description
Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.ambari:ambariMaven | >= 2.0.0, < 2.4.0 | 2.4.0 |
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- www.securityfocus.com/bid/97229nvdThird Party AdvisoryVDB Entry
- cwiki.apache.org/confluence/display/AMBARI/Ambari+VulnerabilitiesnvdIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-q3pw-6vf2-66hfghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-4976ghsaADVISORY
- web.archive.org/web/20210124014838/http://www.securityfocus.com/bid/97229ghsaWEB
News mentions
0No linked articles in our index yet.