VYPR
High severity7.5NVD Advisory· Published May 12, 2017· Updated Jun 17, 2026

CVE-2017-5654

CVE-2017-5654

Description

In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Apache/Ambari4 versions
    cpe:2.3:a:apache:ambari:2.4.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:apache:ambari:2.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:ambari:2.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:ambari:2.5.0:*:*:*:*:*:*:*
    • (no CPE)range: <2.4.3, <2.5.1
  • Apache Software Foundation/Apache Ambariv5
    Range: 2.4.0 through 2.4.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.