cvelist/2018/8xxx/CVE-2018-8042.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "security@apache.org",
      "DATE_PUBLIC" : "2018-07-18T00:00:00",
      "ID" : "CVE-2018-8042",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "Ambari",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "2.5.0 to 2.6.2"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "Apache Software Foundation"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services. For example, Hive and Oozie."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "Information Disclosure"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "url" : "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8042"
         }
      ]
   }
}
- Synchronized data. 2018-03-09 16:03:15 -05:00			`{`
			`"CVE_data_meta" : {`
- Added submission from Apache Ambari from 2018-07-18. 2018-07-18 10:07:50 -04:00			`"ASSIGNER" : "security@apache.org",`
			`"DATE_PUBLIC" : "2018-07-18T00:00:00",`
- Synchronized data. 2018-03-09 16:03:15 -05:00			`"ID" : "CVE-2018-8042",`
- Added submission from Apache Ambari from 2018-07-18. 2018-07-18 10:07:50 -04:00			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "Ambari",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "2.5.0 to 2.6.2"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "Apache Software Foundation"`
			`}`
			`]`
			`}`
- Synchronized data. 2018-03-09 16:03:15 -05:00			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
- Added submission from Apache Ambari from 2018-07-18. 2018-07-18 10:07:50 -04:00			`"value" : "Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services. For example, Hive and Oozie."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Information Disclosure"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
			`"url" : "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8042"`
- Synchronized data. 2018-03-09 16:03:15 -05:00			`}`
			`]`
			`}`
			`}`