3 matches found
Security Bulletin: Infosphere BigInsights is affected by a vulnerability that could allow a local attacker to obtain the value-add services passwords stored in the Ambari configuration file (CVE-2015-4928, CVE-2015-4940).
Summary Infosphere BigInsights is affected by a vulnerability that could allow a local attacker to obtain value-add services passwords stored in the Ambari configuration file. The passwords are shown in plain text CVE-2015-4928, CVE-2015-4940. Vulnerability Details CVEID: CVE-2015-4928 DESCRIPTIO...
CVE-2015-4940
Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext BigSheets password in a configuration file, which allows local users to obtain sensitive information by reading this file...
CVE-2015-4940
CVE-2015-4940 affects Apache Ambari before 2.1 as used in IBM Infosphere BigInsights 4.x before 4.1, where a configuration file stores the BigSheets password in clear text. This allows a local attacker who can read the Ambari configs to obtain sensitive information. IBM’s bulletin notes that the ...