Medium severity5.5NVD Advisory· Published Mar 29, 2017· Updated Jun 17, 2026
CVE-2016-4976
CVE-2016-4976
Description
Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.ambari:ambariMaven | >= 2.0.0, < 2.4.0 | 2.4.0 |
Affected products
10cpe:2.3:a:apache:ambari:2.0.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:apache:ambari:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:ambari:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:ambari:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:ambari:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:ambari:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:ambari:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:ambari:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:ambari:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:ambari:2.2.2:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
5- www.securityfocus.com/bid/97229nvdThird Party AdvisoryVDB Entry
- cwiki.apache.org/confluence/display/AMBARI/Ambari+VulnerabilitiesnvdIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-q3pw-6vf2-66hfghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-4976ghsaADVISORY
- web.archive.org/web/20210124014838/http://www.securityfocus.com/bid/97229ghsaWEB
News mentions
0No linked articles in our index yet.