CVE-2016-4976: Apache Ambari reveals administrator passwords
5.5
CVSS Score
3.0
Basic Information
CVE ID
GHSA ID
EPSS Score
0.24968%
CWE
Published
5/17/2022
Updated
11/7/2023
KEV Status
No
Technology
Java
Technical Details
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
org.apache.ambari:ambari | maven | >= 2.0.0, < 2.4.0 | 2.4.0 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from passing KDC admin passwords as cleartext arguments to kadmin commands. The CVE description explicitly states the fix in 2.4.0 involved switching to passing credentials via STDIN
instead of command-line arguments. The most logical location for this vulnerability would be in the Kerberos management code that interfaces with kadmin. While exact code isn't provided, the pattern matches common Java process
execution patterns using Runtime.exec()
or ProcessBuilder
with password arguments. The KerberosServerAction
class is a known component handling Kerberos operations in Ambari, making this a high-confidence identification.