Arbitrary System Command Execution Vulnerability in Ambari SSL Certificate Generation

CVE-2014-3582 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary system commands on the Ambari Server host while generating SSL certificates for hosts in an Ambari cluster.

Learn more about our Cis Benchmark Audit For Server Software.