2 matches found
Security Bulletin: Infosphere BigInsights is affected by a vulnerability that could allow a local attacker to obtain the value-add services passwords stored in the Ambari configuration file (CVE-2015-4928, CVE-2015-4940).
Summary Infosphere BigInsights is affected by a vulnerability that could allow a local attacker to obtain value-add services passwords stored in the Ambari configuration file. The passwords are shown in plain text CVE-2015-4928, CVE-2015-4940. Vulnerability Details CVEID: CVE-2015-4928 DESCRIPTIO...
CVE-2015-4928
The CVE-2015-4928 issue affects Apache Ambari 2.1 as used in IBM InfoSphere BigInsights 4.x before 4.1, where the Configs screen displays passwords in cleartext. This allows a local attacker with access to the Ambari UI to read sensitive passwords by viewing the configuration screens. IBM’s secur...