CVE-2017-5654
Apache Ambari Hive View vulnerability (CVE-2017-5654) affects Ambari 2.4.x before 2.4.3 and 2.5.0. An authorized user of the Ambari Hive View may obtain unauthorized read access to host files where the Ambari server runs. Root cause described in sources as an XML/insjection fault enabling reads f...