Vulnerabilities related to apache - ambari
CVE-2015-3270 (GCVE-0-2015-3270)
Vulnerability from cvelistv5
Published
2015-11-02 19:00
Modified
2024-08-06 05:39
CWE
- n/a
Summary
Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administrative privileges via unspecified vectors, possibly related to changing passwords.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T05:39:32.138Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "name": "[oss-security] 20151013 [CVE-2015-3270] A non-administrative user can escalate themselves to have administrative privileges remotely", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/13/3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administrative privileges via unspecified vectors, possibly related to changing passwords." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-11-02T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "name": "[oss-security] 20151013 [CVE-2015-3270] A non-administrative user can escalate themselves to have administrative privileges remotely", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/13/3" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-3270", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administrative privileges via unspecified vectors, possibly related to changing passwords." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "name": "[oss-security] 20151013 [CVE-2015-3270] A non-administrative user can escalate themselves to have administrative privileges remotely", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/10/13/3" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-3270", "datePublished": "2015-11-02T19:00:00", "dateReserved": "2015-04-10T00:00:00", "dateUpdated": "2024-08-06T05:39:32.138Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-8003 (GCVE-0-2018-8003)
Vulnerability from cvelistv5
Published
2018-05-03 23:00
Modified
2024-09-16 17:48
CWE
- Information Disclosure
Summary
Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory traversal attack allowing an unauthenticated user to craft an HTTP request which provides read-only access to any file on the filesystem of the host the Ambari Server runs on that is accessible by the user the Ambari Server is running as. Direct network access to the Ambari Server is required to issue this request, and those Ambari Servers that are protected behind a firewall, or in a restricted network zone are at less risk of being affected by this issue.
References
Impacted products
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Ambari | Apache Ambari 1.4.0 to 2.6.1
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T06:37:59.710Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "104161", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104161" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8003" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "Apache Ambari 1.4.0 to 2.6.1" } ] } ], "datePublic": "2018-05-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory traversal attack allowing an unauthenticated user to craft an HTTP request which provides read-only access to any file on the filesystem of the host the Ambari Server runs on that is accessible by the user the Ambari Server is running as. Direct network access to the Ambari Server is required to issue this request, and those Ambari Servers that are protected behind a firewall, or in a restricted network zone are at less risk of being affected by this issue." 
} ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-05-15T09:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "name": "104161", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104161" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8003" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "DATE_PUBLIC": "2018-05-02T00:00:00", "ID": "CVE-2018-8003", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Ambari", "version": { "version_data": [ { "version_value": "Apache Ambari 1.4.0 to 2.6.1" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory traversal attack allowing an unauthenticated user to craft an HTTP request which provides read-only access to any file on the filesystem of the host the Ambari Server runs on that is accessible by the user the Ambari Server is running as. Direct network access to the Ambari Server is required to issue this request, and those Ambari Servers that are protected behind a firewall, or in a restricted network zone are at less risk of being affected by this issue." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "104161", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104161" }, { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8003", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8003" } ] } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2018-8003", "datePublished": "2018-05-03T23:00:00Z", "dateReserved": "2018-03-09T00:00:00", "dateUpdated": "2024-09-16T17:48:48.618Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-5642 (GCVE-0-2017-5642)
Vulnerability from cvelistv5
Published
2017-04-03 16:00
Modified
2024-08-05 15:04
CWE
- unprotected file permissions
Summary
During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with proper ACLs.
References
Impacted products
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Ambari | 2.4.0 through 2.4.2
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T15:04:15.357Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "2.4.0 through 2.4.2" } ] } ], "datePublic": "2017-03-31T00:00:00", "descriptions": [ { "lang": "en", "value": "During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with proper ACLs." } ], "problemTypes": [ { "descriptions": [ { "description": "unprotected file permissions", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-04-03T15:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.0" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2017-5642", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Ambari", "version": { "version_data": [ { "version_value": "2.4.0 through 2.4.2" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with proper ACLs." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "unprotected file permissions" } ] } ] }, "references": { "reference_data": [ { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.0", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.0" } ] } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2017-5642", "datePublished": "2017-04-03T16:00:00", "dateReserved": "2017-01-29T00:00:00", "dateUpdated": "2024-08-05T15:04:15.357Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-4976 (GCVE-0-2016-4976)
Vulnerability from cvelistv5
Published
2017-03-29 20:00
Modified
2024-08-06 00:46
CWE
- n/a
Summary
Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:46:39.944Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0" }, { "name": "97229", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97229" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-08-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-03-31T09:57:02", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0" }, { "name": "97229", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97229" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-4976", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, 
which allows local users to obtain sensitive information via a process listing." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0" }, { "name": "97229", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97229" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-4976", "datePublished": "2017-03-29T20:00:00", "dateReserved": "2016-05-24T00:00:00", "dateUpdated": "2024-08-06T00:46:39.944Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-23195 (GCVE-0-2025-23195)
Vulnerability from cvelistv5
Published
2025-01-21 21:22
Modified
2025-01-22 14:49
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Summary
An XML External Entity (XXE) vulnerability exists in the Ambari/Oozie
project, allowing an attacker to inject malicious XML entities. This
vulnerability occurs due to insecure parsing of XML input using the
`DocumentBuilderFactory` class without disabling external entity
resolution. An attacker can exploit this vulnerability to read arbitrary
files on the server or perform server-side request forgery (SSRF)
attacks. The issue has been fixed in both Ambari 2.7.9 and the trunk
branch.
References
Impacted products
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Ambari | 0 ≤ version < 2.7.9
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2025-01-21T23:02:43.302Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2025/01/21/7" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2025-23195", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-22T14:49:27.291184Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-22T14:49:46.312Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "lessThan": "2.7.9", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An XML External Entity (XXE) vulnerability exists in the Ambari/Oozie \nproject, allowing an attacker to inject malicious XML entities. This \nvulnerability occurs due to insecure parsing of XML input using the \n`DocumentBuilderFactory` class without disabling external entity \nresolution. An attacker can exploit this vulnerability to read arbitrary\n files on the server or perform server-side request forgery (SSRF) \nattacks. The issue has been fixed in both Ambari 2.7.9 and the trunk \nbranch." 
} ], "value": "An XML External Entity (XXE) vulnerability exists in the Ambari/Oozie \nproject, allowing an attacker to inject malicious XML entities. This \nvulnerability occurs due to insecure parsing of XML input using the \n`DocumentBuilderFactory` class without disabling external entity \nresolution. An attacker can exploit this vulnerability to read arbitrary\n files on the server or perform server-side request forgery (SSRF) \nattacks. The issue has been fixed in both Ambari 2.7.9 and the trunk \nbranch." } ], "metrics": [ { "other": { "content": { "text": "moderate" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-21T21:22:33.286Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/hsb6mvxd7g37dq1ygtd0pd88gs9tfcwq" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Ambari: XML External Entity (XXE) Vulnerability in Ambari/Oozie", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2025-23195", "datePublished": "2025-01-21T21:22:33.286Z", "dateReserved": "2025-01-13T14:34:06.970Z", "dateUpdated": "2025-01-22T14:49:46.312Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-23196 (GCVE-0-2025-23196)
Vulnerability from cvelistv5
Published
2025-01-21 21:23
Modified
2025-02-03 08:22
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
A code injection vulnerability exists in the Ambari Alert Definition
feature, allowing authenticated users to inject and execute arbitrary
shell commands. The vulnerability arises when defining alert scripts,
where the script filename field is executed using `sh -c`. An attacker
with authenticated access can exploit this vulnerability to inject
malicious commands, leading to remote code execution on the server. The
issue has been fixed in the latest versions of Ambari.
References
Impacted products
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Ambari | 8 ≤ version < 2.7.9 (as recorded in the CNA container)
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2025-01-21T23:02:44.790Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2025/01/21/8" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2025-23196", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-22T14:47:59.283725Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-22T14:48:12.311Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "lessThan": "2.7.9", "status": "affected", "version": "8", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "value": "Liyw979" }, { "lang": "en", "type": "reporter", "value": "robinzeng2015" }, { "lang": "en", "type": "reporter", "value": "fcgboy" }, { "lang": "en", "type": "reporter", "value": "wk2025" }, { "lang": "en", "type": "reporter", "value": "Tari from Sangfor Company" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A code injection vulnerability exists in the Ambari Alert Definition \nfeature, allowing authenticated users to inject and execute arbitrary \nshell commands. 
The vulnerability arises when defining alert scripts, \nwhere the script filename field is executed using `sh -c`. An attacker \nwith authenticated access can exploit this vulnerability to inject \nmalicious commands, leading to remote code execution on the server. The \nissue has been fixed in the latest versions of Ambari." } ], "value": "A code injection vulnerability exists in the Ambari Alert Definition \nfeature, allowing authenticated users to inject and execute arbitrary \nshell commands. The vulnerability arises when defining alert scripts, \nwhere the script filename field is executed using `sh -c`. An attacker \nwith authenticated access can exploit this vulnerability to inject \nmalicious commands, leading to remote code execution on the server. The \nissue has been fixed in the latest versions of Ambari." } ], "metrics": [ { "other": { "content": { "text": "important" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-03T08:22:56.454Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/70g1l5lxvko7kvhyxmtmklhhfrlon837" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Ambari: Code Injection Vulnerability in Ambari Alert Definition", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2025-23196", "datePublished": "2025-01-21T21:23:41.389Z", "dateReserved": "2025-01-13T14:43:54.173Z", "dateUpdated": "2025-02-03T08:22:56.454Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-3582 (GCVE-0-2014-3582)
Vulnerability from cvelistv5
Published
2017-03-29 20:00
Modified
2024-08-06 10:50
CWE
- n/a
Summary
In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary system commands on the Ambari Server host while generating SSL certificates for hosts in an Ambari cluster.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:50:17.743Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-05-14T00:00:00", "descriptions": [ { "lang": "en", "value": "In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary system commands on the Ambari Server host while generating SSL certificates for hosts in an Ambari cluster." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-05-30T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-3582", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary system commands on the Ambari Server host while generating SSL certificates for hosts in an Ambari cluster." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-3582", "datePublished": "2017-03-29T20:00:00", "dateReserved": "2014-05-14T00:00:00", "dateUpdated": "2024-08-06T10:50:17.743Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-1936 (GCVE-0-2020-1936)
Vulnerability from cvelistv5
Published
2021-03-02 09:00
Modified
2025-02-13 16:27
CWE
- CWE-79 - Cross-site Scripting (XSS)
Summary
A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4.
References
Impacted products
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Ambari | Apache Ambari < 2.7.4
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T06:54:00.424Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://lists.apache.org/thread.html/946a9d72e664ad8bc592168d9a2fed88100c6e9f1bdfea08e91a3184%40%3Cuser.ambari.apache.org%3E" }, { "name": "[oss-security] 20210301 CVE-2020-1936: Stored XSS in Apache Ambari", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/03/02/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "lessThan": "2.7.4", "status": "affected", "version": "Apache Ambari", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Apache Ambari would like to thank Krzysztof Przybylski from STM Solutions" } ], "descriptions": [ { "lang": "en", "value": "A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-04T06:54:56.000Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://lists.apache.org/thread.html/946a9d72e664ad8bc592168d9a2fed88100c6e9f1bdfea08e91a3184%40%3Cuser.ambari.apache.org%3E" }, { "name": "[oss-security] 20210301 CVE-2020-1936: Stored XSS in Apache Ambari", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2021/03/02/1" } ], "source": { "defect": [ "AMBARI-25329" ], "discovery": "UNKNOWN" }, "title": "Stored XSS in Apache Ambari", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2020-1936", "STATE": "PUBLIC", "TITLE": "Stored XSS in Apache Ambari" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Ambari", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "Apache Ambari", "version_value": "2.7.4" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Apache Ambari would like to thank Krzysztof Przybylski from STM Solutions" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4." 
} ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://lists.apache.org/thread.html/946a9d72e664ad8bc592168d9a2fed88100c6e9f1bdfea08e91a3184%40%3Cuser.ambari.apache.org%3E", "refsource": "MISC", "url": "https://lists.apache.org/thread.html/946a9d72e664ad8bc592168d9a2fed88100c6e9f1bdfea08e91a3184%40%3Cuser.ambari.apache.org%3E" }, { "name": "[oss-security] 20210301 CVE-2020-1936: Stored XSS in Apache Ambari", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/03/02/1" } ] }, "source": { "defect": [ "AMBARI-25329" ], "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2020-1936", "datePublished": "2021-03-02T09:00:22.000Z", "dateReserved": "2019-12-02T00:00:00.000Z", "dateUpdated": "2025-02-13T16:27:39.386Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-51941 (GCVE-0-2024-51941)
Vulnerability from cvelistv5
Published
2025-01-21 21:24
Modified
2025-01-22 14:46
CWE
- CWE-75 - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
Summary
A remote code injection vulnerability exists in the Ambari Metrics and
AMS Alerts feature, allowing authenticated users to inject and execute
arbitrary code. The vulnerability occurs when processing alert
definitions, where malicious input can be injected into the alert script
execution path. An attacker with authenticated access can exploit this
vulnerability to execute arbitrary commands on the server. The issue has
been fixed in the latest versions of Ambari.
References
Impacted products
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Ambari | 0 ≤ 2.7.8
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2025-01-21T23:02:41.810Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2025/01/21/9" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-51941", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-22T14:45:35.332834Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-22T14:46:09.923Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.7.8", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "4ra1n (https://github.com/4ra1n)" }, { "lang": "en", "type": "reporter", "value": "h4cking2thegate@gmail.com" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A remote code injection vulnerability exists in the Ambari Metrics and \nAMS Alerts feature, allowing authenticated users to inject and execute \narbitrary code. The vulnerability occurs when processing alert \ndefinitions, where malicious input can be injected into the alert script\n execution path. 
An attacker with authenticated access can exploit this \nvulnerability to execute arbitrary commands on the server. The issue has\n been fixed in the latest versions of Ambari." } ], "value": "A remote code injection vulnerability exists in the Ambari Metrics and \nAMS Alerts feature, allowing authenticated users to inject and execute \narbitrary code. The vulnerability occurs when processing alert \ndefinitions, where malicious input can be injected into the alert script\n execution path. An attacker with authenticated access can exploit this \nvulnerability to execute arbitrary commands on the server. The issue has\n been fixed in the latest versions of Ambari." } ], "metrics": [ { "other": { "content": { "text": "important" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-75", "description": "CWE-75 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-21T21:24:23.360Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/xq50nlff7o7z1kq3y637clzzl6mjhl8j" } ], "source": { "defect": [ "AMBARI-26202" ], "discovery": "UNKNOWN" }, "title": "Apache Ambari: Remote Code Injection in Ambari Metrics and AMS Alerts", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2024-51941", "datePublished": "2025-01-21T21:24:23.360Z", "dateReserved": "2024-11-04T11:47:16.721Z", "dateUpdated": "2025-01-22T14:46:09.923Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-50379 (GCVE-0-2023-50379)
Vulnerability from cvelistv5
Published
2024-02-27 08:27
Modified
2025-02-13 17:19
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
Malicious code injection in Apache Ambari prior to 2.7.8. Users are recommended to upgrade to version 2.7.8, which fixes this issue.
Impact:
A Cluster Operator can manipulate the request by injecting malicious code and gain root on the cluster's main host.
References
Impacted products
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Ambari | 2.7.0 ≤ 2.7.7
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T22:16:46.331Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.apache.org/thread/jglww6h6ngxpo1r6r5fx7ff7z29lnvv8" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/02/27/1" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ambari", "vendor": "apache", "versions": [ { "lessThanOrEqual": "2.7.7", "status": "affected", "version": "2.7.0", "versionType": "semver" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-50379", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T20:09:22.680577Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T20:11:33.829Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.7.7", "status": "affected", "version": "2.7.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: transparent;\"\u003eMalicious code injection in Apache Ambari in prior to 
2.7.8.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUsers are recommended to upgrade to version 2.7.8, which fixes this issue.\u003c/span\u003e\u003c/span\u003e\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003cspan style=\"background-color: transparent;\"\u003eImpact:\u003c/span\u003e\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003cspan style=\"background-color: transparent;\"\u003eA Cluster Operator can manipulate the request by adding a malicious code injection and gain a root over the cluster main host.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e" } ], "value": "Malicious code injection in Apache Ambari in prior to 2.7.8.\u00a0Users are recommended to upgrade to version 2.7.8, which fixes this issue.\n\nImpact:\nA Cluster Operator can manipulate the request by adding a malicious code injection and gain a root over the cluster main host." 
} ], "metrics": [ { "other": { "content": { "text": "important" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-27T08:30:08.149Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/jglww6h6ngxpo1r6r5fx7ff7z29lnvv8" }, { "url": "http://www.openwall.com/lists/oss-security/2024/02/27/1" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Ambari: authenticated users could perform command injection to perform RCE", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-50379", "datePublished": "2024-02-27T08:27:03.120Z", "dateReserved": "2023-12-07T14:11:46.308Z", "dateUpdated": "2025-02-13T17:19:25.008Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-1775 (GCVE-0-2015-1775)
Vulnerability from cvelistv5
Published
2015-11-02 19:00
Modified
2024-08-06 04:54
CWE
- n/a
Summary
Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T04:54:15.533Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "name": "[oss-security] 20151013 [CVE-2015-1775] Apache Ambari Server Side Request Forgery vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/13/2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-11-02T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "name": "[oss-security] 20151013 [CVE-2015-1775] Apache Ambari Server Side Request Forgery vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/13/2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-1775", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "name": "[oss-security] 20151013 [CVE-2015-1775] Apache Ambari Server Side Request Forgery vulnerability", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/10/13/2" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-1775", "datePublished": "2015-11-02T19:00:00", "dateReserved": "2015-02-17T00:00:00", "dateUpdated": "2024-08-06T04:54:15.533Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-42009 (GCVE-0-2022-42009)
Vulnerability from cvelistv5
Published
2023-07-12 09:58
Modified
2024-10-04 13:49
CWE
- CWE-917 - Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
Summary
SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.
References
Impacted products
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Ambari | 2.7.0 ≤ 2.7.6
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:56:39.252Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.apache.org/thread/6xf477ttz1oxmg0bx0tpdoz2mlqd7sbc" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ambari", "vendor": "apache", "versions": [ { "lessThanOrEqual": "2.7.6", "status": "affected", "version": "2.7.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2022-42009", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-04T13:48:37.647308Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-04T13:49:38.984Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.7.6", "status": "affected", "version": "2.7.0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Jecki Go (jecgo@visa.com)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. U\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esers are recommended to upgrade to 2.7.7.\u003c/span\u003e\u003cbr\u003e" } ], "value": "SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. 
Users are recommended to upgrade to 2.7.7.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-917", "description": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-12T09:58:19.752Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/6xf477ttz1oxmg0bx0tpdoz2mlqd7sbc" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Ambari: A malicious authenticated user can remotely execute arbitrary code in the context of the application.", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2022-42009", "datePublished": "2023-07-12T09:58:19.752Z", "dateReserved": "2022-10-02T08:56:54.293Z", "dateUpdated": "2024-10-04T13:49:38.984Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-5655 (GCVE-0-2017-5655)
Vulnerability from cvelistv5
Published
2017-05-15 14:00
Modified
2024-08-05 15:11
CWE
- exposure of sensitive data
Summary
In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host.
References
Impacted products
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Ambari | 2.2.2 through 2.4.2; 2.5.0
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T15:11:47.387Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "2.2.2 through 2.4.2" }, { "status": "affected", "version": "2.5.0" } ] } ], "datePublic": "2017-05-12T00:00:00", "descriptions": [ { "lang": "en", "value": "In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host." 
} ], "problemTypes": [ { "descriptions": [ { "description": "exposure of sensitive data", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-05-15T13:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2017-5655", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Ambari", "version": { "version_data": [ { "version_value": "2.2.2 through 2.4.2" }, { "version_value": "2.5.0" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "exposure of sensitive data" } ] } ] }, "references": { "reference_data": [ { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3" }, { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1" } ] } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2017-5655", "datePublished": "2017-05-15T14:00:00", "dateReserved": "2017-01-29T00:00:00", "dateUpdated": "2024-08-05T15:11:47.387Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-13924 (GCVE-0-2020-13924)
Vulnerability from cvelistv5
Published
2021-03-17 09:05
Modified
2025-02-13 16:27
CWE
- directory traversal
Summary
In Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files.
References
Impacted products
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Ambari | ≤ 2.6.2.2
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T12:32:14.321Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://mail-archives.apache.org/mod_mbox/ambari-user/202102.mbox/%3CCAEJYuxEQZ_aPwJdAaSxPu-Dva%3Dhc7zZUx3-pzBORbd23g%2BGH1A%40mail.gmail.com%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.6.2.2", "status": "affected", "version": "Apache Ambari", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "threedr3am" } ], "descriptions": [ { "lang": "en", "value": "In Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files." } ], "problemTypes": [ { "descriptions": [ { "description": "directory traversal", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-04T12:34:05.000Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://mail-archives.apache.org/mod_mbox/ambari-user/202102.mbox/%3CCAEJYuxEQZ_aPwJdAaSxPu-Dva%3Dhc7zZUx3-pzBORbd23g%2BGH1A%40mail.gmail.com%3E" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2020-13924", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Ambari", "version": { "version_data": [ { "version_affected": "\u003c=", "version_name": "Apache Ambari", "version_value": "2.6.2.2" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "threedr3am" } ], "data_format": "MITRE", "data_type": "CVE", 
"data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "directory traversal" } ] } ] }, "references": { "reference_data": [ { "name": "https://mail-archives.apache.org/mod_mbox/ambari-user/202102.mbox/%3CCAEJYuxEQZ_aPwJdAaSxPu-Dva%3Dhc7zZUx3-pzBORbd23g%2BGH1A%40mail.gmail.com%3E", "refsource": "MISC", "url": "https://mail-archives.apache.org/mod_mbox/ambari-user/202102.mbox/%3CCAEJYuxEQZ_aPwJdAaSxPu-Dva%3Dhc7zZUx3-pzBORbd23g%2BGH1A%40mail.gmail.com%3E" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2020-13924", "datePublished": "2021-03-17T09:05:19.000Z", "dateReserved": "2020-06-08T00:00:00.000Z", "dateUpdated": "2025-02-13T16:27:28.694Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-50380 (GCVE-0-2023-50380)
Vulnerability from cvelistv5
Published
2024-02-27 16:51
Modified
2025-03-27 19:53
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Summary
XML External Entity injection in Apache Ambari versions <= 2.7.7. Users are recommended to upgrade to version 2.7.8, which fixes this issue.
More Details:
Oozie Workflow Scheduler had a vulnerability that allowed for root-level file reading and privilege escalation from low-privilege users. The vulnerability was caused by a lack of proper user input validation.
This vulnerability is known as an XML External Entity (XXE) injection attack. Attackers can exploit XXE vulnerabilities to read arbitrary files on the server, including sensitive system files. In theory, it might be possible to use this to escalate privileges.
References
Impacted products
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Ambari | 2.7.0 ≤ 2.7.7
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T22:16:46.320Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.apache.org/thread/qrt7mq7v7zyrh1qsh1gkg1m7clysvy32" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/02/27/6" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "ambari", "vendor": "apache", "versions": [ { "lessThanOrEqual": "2.7.7", "status": "affected", "version": "2.7.0", "versionType": "semver" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-50380", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-28T04:00:44.747498Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-03-27T19:53:06.868Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.7.7", "status": "affected", "version": "2.7.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eXML External Entity injection in apache 
ambari versions \u0026lt;= 2.7.7,\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUsers are recommended to upgrade to version 2.7.8, which fixes this issue.\u003c/span\u003e\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u003cbr\u003e\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eMore Details:\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eOozie Workflow Scheduler had a vulnerability that allowed for root-level file reading and privilege escalation from low-privilege users. The vulnerability was caused through lack of proper user input validation.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eThis vulnerability is known as an XML External Entity (XXE) injection attack. Attackers can exploit XXE vulnerabilities to read arbitrary files on the server, including sensitive system files. In theory, it might be possible to use this to escalate privileges.\u003c/span\u003e\u003c/p\u003e" } ], "value": "XML External Entity injection in apache ambari versions \u003c= 2.7.7,\u00a0Users are recommended to upgrade to version 2.7.8, which fixes this issue.\n\nMore Details:\n\nOozie Workflow Scheduler had a vulnerability that allowed for root-level file reading and privilege escalation from low-privilege users. The vulnerability was caused through lack of proper user input validation.\n\nThis vulnerability is known as an XML External Entity (XXE) injection attack. Attackers can exploit XXE vulnerabilities to read arbitrary files on the server, including sensitive system files. In theory, it might be possible to use this to escalate privileges." 
} ], "metrics": [ { "other": { "content": { "text": "important" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-27T16:55:14.969Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/qrt7mq7v7zyrh1qsh1gkg1m7clysvy32" }, { "url": "http://www.openwall.com/lists/oss-security/2024/02/27/6" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Ambari: authenticated users could perform XXE to read arbitrary files on the server", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-50380", "datePublished": "2024-02-27T16:51:33.978Z", "dateReserved": "2023-12-07T14:14:33.138Z", "dateUpdated": "2025-03-27T19:53:06.868Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-6807 (GCVE-0-2016-6807)
Vulnerability from cvelistv5
Published
2017-03-28 20:00
Modified
2024-08-06 01:43
CWE
- missing authorization check
Summary
Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process.
References
Impacted products
Vendor | Product | Version
---|---|---
Apache Software Foundation | Apache Ambari | 2.4.x before 2.4.2
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:37.895Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "97184", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97184" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "2.4.x before 2.4.2" } ] } ], "datePublic": "2016-11-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process." 
} ], "problemTypes": [ { "descriptions": [ { "description": "missing authorization check", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-03-30T09:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "name": "97184", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97184" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2016-6807", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Ambari", "version": { "version_data": [ { "version_value": "2.4.x before 2.4.2" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "missing authorization check" } ] } ] }, "references": { "reference_data": [ { "name": "97184", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97184" }, { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2" } ] } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2016-6807", "datePublished": "2017-03-28T20:00:00", "dateReserved": "2016-08-12T00:00:00", "dateUpdated": "2024-08-06T01:43:37.895Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-4940 (GCVE-0-2015-4940)
Vulnerability from cvelistv5
Published
2015-11-08 22:00
Modified
2024-08-06 06:32
CWE
- n/a
Summary
Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext BigSheets password in a configuration file, which allows local users to obtain sensitive information by reading this file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:32:31.510Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1034102", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034102" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969202" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext BigSheets password in a configuration file, which allows local users to obtain sensitive information by reading this file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-05T22:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "name": "1034102", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034102" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969202" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2015-4940", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext BigSheets password in a configuration file, which 
allows local users to obtain sensitive information by reading this file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1034102", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034102" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21969202", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969202" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2015-4940", "datePublished": "2015-11-08T22:00:00", "dateReserved": "2015-06-24T00:00:00", "dateUpdated": "2024-08-06T06:32:31.510Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-50378 (GCVE-0-2023-50378)
Vulnerability from cvelistv5
Published
2024-03-01 14:38
Modified
2024-11-07 16:03
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Lack of proper input validation and constraint enforcement in Apache Ambari prior to 2.7.8
Impact: as this is a stored XSS, it could be exploited to perform unauthorized actions, ranging from data access to session hijacking and delivery of malicious payloads.
Users are recommended to upgrade to version 2.7.8 which fixes this issue.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Apache Software Foundation | Apache Ambari |
Version: 2.7.0 ≤ 2.7.7 |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-50378", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-05T19:28:57.526763Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-07T16:03:03.744Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T22:16:46.837Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.apache.org/thread/6hn0thq743vz9gh283s2d87wz8tqh37c" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/03/01/5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.7.7", "status": "affected", "version": "2.7.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: transparent;\"\u003eLack of proper input validation and constraint enforcement in Apache Ambari prior to 2.7.8\u0026nbsp;\u0026nbsp;\u003cbr\u003e\u003cbr\u003e\u0026nbsp;Impact : As it will be \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003estored XSS,\u0026nbsp;\u003c/span\u003eCould be exploited to perform 
unauthorized actions, varying from data access to session hijacking and delivering malicious payloads. \u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUsers are recommended to upgrade to version 2.7.8 which fixes this issue.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e" } ], "value": "Lack of proper input validation and constraint enforcement in Apache Ambari prior to 2.7.8\u00a0\u00a0\n\n\u00a0Impact : As it will be stored XSS,\u00a0Could be exploited to perform unauthorized actions, varying from data access to session hijacking and delivering malicious payloads. \n\nUsers are recommended to upgrade to version 2.7.8 which fixes this issue." } ], "metrics": [ { "other": { "content": { "text": "important" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T12:23:16.421Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/6hn0thq743vz9gh283s2d87wz8tqh37c" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Ambari: Various XSS problems", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-50378", "datePublished": "2024-03-01T14:38:29.732Z", "dateReserved": "2023-12-07T14:02:23.087Z", "dateUpdated": "2024-11-07T16:03:03.744Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-3186 (GCVE-0-2015-3186)
Vulnerability from cvelistv5
Published
2015-11-02 19:00
Modified
2024-08-06 05:39
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in Apache Ambari before 2.1.0 allows remote authenticated cluster operator users to inject arbitrary web script or HTML via the note field in a configuration change.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T05:39:31.577Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "name": "[oss-security] 20151013 [CVE-2015-3186] Apache Ambari XSS vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/13/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Apache Ambari before 2.1.0 allows remote authenticated cluster operator users to inject arbitrary web script or HTML via the note field in a configuration change." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-11-02T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "name": "[oss-security] 20151013 [CVE-2015-3186] Apache Ambari XSS vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/13/1" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-3186", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ 
{ "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in Apache Ambari before 2.1.0 allows remote authenticated cluster operator users to inject arbitrary web script or HTML via the note field in a configuration change." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "name": "[oss-security] 20151013 [CVE-2015-3186] Apache Ambari XSS vulnerability", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/10/13/1" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-3186", "datePublished": "2015-11-02T19:00:00", "dateReserved": "2015-04-10T00:00:00", "dateUpdated": "2024-08-06T05:39:31.577Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-0731 (GCVE-0-2016-0731)
Vulnerability from cvelistv5
Published
2016-05-18 14:00
Modified
2024-08-05 22:30
CWE
- n/a
Summary
The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:30:04.047Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.apache.org/jira/browse/AMBARI-14780" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-04T00:00:00", "descriptions": [ { "lang": "en", "value": "The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-05-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.apache.org/jira/browse/AMBARI-14780" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-0731", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://issues.apache.org/jira/browse/AMBARI-14780", "refsource": "CONFIRM", "url": "https://issues.apache.org/jira/browse/AMBARI-14780" }, { "name": "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html", "refsource": "CONFIRM", "url": "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html" }, { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-0731", "datePublished": "2016-05-18T14:00:00", "dateReserved": "2015-12-16T00:00:00", "dateUpdated": "2024-08-05T22:30:04.047Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-0707 (GCVE-0-2016-0707)
Vulnerability from cvelistv5
Published
2016-05-18 14:00
Modified
2024-08-05 22:30
CWE
- n/a
Summary
The agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data and (2) /var/lib/ambari-agent/keys directories, which allows local users to obtain sensitive information by reading files in the directories.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:30:03.587Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-02T00:00:00", "descriptions": [ { "lang": "en", "value": "The agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data and (2) /var/lib/ambari-agent/keys directories, which allows local users to obtain sensitive information by reading files in the directories." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-05-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-0707", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data and (2) /var/lib/ambari-agent/keys directories, which allows local users to obtain sensitive information by reading files in the directories." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-0707", "datePublished": "2016-05-18T14:00:00", "dateReserved": "2015-12-16T00:00:00", "dateUpdated": "2024-08-05T22:30:03.587Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-5654 (GCVE-0-2017-5654)
Vulnerability from cvelistv5
Published
2017-05-12 21:00
Modified
2024-08-05 15:11
CWE
- XML injection
Summary
In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Apache Software Foundation | Apache Ambari |
Version: 2.4.0 through 2.4.2 |
Version: 2.5.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T15:11:48.668Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "2.4.0 through 2.4.2" }, { "status": "affected", "version": "2.5.0" } ] } ], "datePublic": "2017-05-12T00:00:00", "descriptions": [ { "lang": "en", "value": "In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes." 
} ], "problemTypes": [ { "descriptions": [ { "description": "XML injection", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-05-12T20:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2017-5654", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Ambari", "version": { "version_data": [ { "version_value": "2.4.0 through 2.4.2" }, { "version_value": "2.5.0" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "XML injection" } ] } ] }, "references": { "reference_data": [ { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3" }, { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1" } ] } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2017-5654", "datePublished": "2017-05-12T21:00:00", "dateReserved": "2017-01-29T00:00:00", "dateUpdated": "2024-08-05T15:11:48.668Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-45855 (GCVE-0-2022-45855)
Vulnerability from cvelistv5
Published
2023-07-12 09:59
Modified
2024-10-04 13:50
CWE
- CWE-917 - Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
Summary
SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Apache Software Foundation | Apache Ambari |
Version: 2.7.0 ≤ 2.7.6 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:24:02.941Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.apache.org/thread/302c4hwfjy9lx63jrbhcdx948pxc54l1" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ambari", "vendor": "apache", "versions": [ { "lessThanOrEqual": "2.7.6", "status": "affected", "version": "2.7.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2022-45855", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-04T13:50:05.975444Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-04T13:50:54.277Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.7.6", "status": "affected", "version": "2.7.0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "rg \u003c18993610179@163.com\u003e" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely.\u0026nbsp;U\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esers are recommended to upgrade to 2.7.7.\u003c/span\u003e\u003cbr\u003e" } ], "value": "SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely.\u00a0Users 
are recommended to upgrade to 2.7.7.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-917", "description": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-12T09:59:44.492Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/302c4hwfjy9lx63jrbhcdx948pxc54l1" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Ambari: Allows authenticated metrics consumers to perform RCE", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2022-45855", "datePublished": "2023-07-12T09:59:44.492Z", "dateReserved": "2022-11-23T09:10:46.930Z", "dateUpdated": "2024-10-04T13:50:54.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-4928 (GCVE-0-2015-4928)
Vulnerability from cvelistv5
Published
2015-11-08 22:00
Modified
2024-08-06 06:32
CWE
- n/a
Summary
Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, includes cleartext passwords on a Configs screen, which allows physically proximate attackers to obtain sensitive information by reading password fields.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:32:31.549Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1034102", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034102" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969202" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, includes cleartext passwords on a Configs screen, which allows physically proximate attackers to obtain sensitive information by reading password fields." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-05T22:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "name": "1034102", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034102" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969202" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2015-4928", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, includes cleartext passwords on a Configs screen, which 
allows physically proximate attackers to obtain sensitive information by reading password fields." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1034102", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034102" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21969202", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969202" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2015-4928", "datePublished": "2015-11-08T22:00:00", "dateReserved": "2015-06-24T00:00:00", "dateUpdated": "2024-08-06T06:32:31.549Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-5210 (GCVE-0-2015-5210)
Vulnerability from cvelistv5
Published
2015-11-02 19:00
Modified
2024-08-06 06:41
CWE
- n/a
Summary
Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:41:08.416Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "name": "[oss-security] 20151013 [CVE-2015-5210] Unvalidated Redirects and Forwards using targetURI parameter can enable phishing exploits", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/13/4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-11-02T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "name": "[oss-security] 20151013 [CVE-2015-5210] Unvalidated Redirects and Forwards using targetURI parameter can enable phishing exploits", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/13/4" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-5210", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "name": "[oss-security] 20151013 [CVE-2015-5210] Unvalidated Redirects and Forwards using targetURI parameter can enable phishing exploits", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/10/13/4" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-5210", "datePublished": "2015-11-02T19:00:00", "dateReserved": "2015-07-01T00:00:00", "dateUpdated": "2024-08-06T06:41:08.416Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-8042 (GCVE-0-2018-8042)
Vulnerability from cvelistv5
Published
2018-07-18 15:00
Modified
2024-09-17 01:26
CWE
- Information Disclosure
Summary
In Apache Ambari versions 2.5.0 through 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services (for example, Hive and Oozie).
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Apache Software Foundation | Apache Ambari |
Version: 2.5.0 to 2.6.2 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T06:46:12.943Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "104869", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104869" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8042" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Ambari", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "2.5.0 to 2.6.2" } ] } ], "datePublic": "2018-07-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services. For example, Hive and Oozie." 
} ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-07-24T09:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "name": "104869", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104869" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8042" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "DATE_PUBLIC": "2018-07-18T00:00:00", "ID": "CVE-2018-8042", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Ambari", "version": { "version_data": [ { "version_value": "2.5.0 to 2.6.2" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services. For example, Hive and Oozie." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "104869", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104869" }, { "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8042", "refsource": "CONFIRM", "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8042" } ] } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2018-8042", "datePublished": "2018-07-18T15:00:00Z", "dateReserved": "2018-03-09T00:00:00", "dateUpdated": "2024-09-17T01:26:55.110Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Published
2017-03-29 20:59
Modified
2025-04-20 01:37
Summary
Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://www.securityfocus.com/bid/97229 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97229 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0 | Issue Tracking, Third Party Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3394B0FD-5DD2-434B-8E83-429CE2B9E1DF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "96ECE226-03F0-4C10-972D-96EFE28A67EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "78F087FC-ED5F-4F68-9CEA-C8FA11B66B32", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D5FA9F4-80F6-4990-A9DA-CC3820C66DB0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "82A24155-1163-4A91-996B-D35DA1E3BCBF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "C3AE4192-0CAE-4017-B817-913131AB1C30", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "762A15F7-0939-43B9-96EB-92654B7772EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "8C45764B-3E1F-420A-9B0D-FAF5DACF30A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "40ED1582-73DA-4CFE-9B2A-765A464FB205", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing." }, { "lang": "es", "value": "Apache Ambari 2.x en versiones anteriores a 2.4.0 incluye contrase\u00f1as de administrador de KDC en la l\u00ednea de comandos de kadmin, lo que permite a usuarios locales obtener informaci\u00f3n sensible a trav\u00e9s de una lista de procesos." 
} ], "id": "CVE-2016-4976", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-03-29T20:59:00.247", "references": [ { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97229" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97229" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ 
{ "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-05-18 14:59
Modified
2025-04-12 10:46
Summary
The agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data and (2) /var/lib/ambari-agent/keys directories, which allows local users to obtain sensitive information by reading files in the directories.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2 | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "51273973-2E1C-4AB6-8009-948DF97371F4", "versionEndIncluding": "2.1.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data and (2) /var/lib/ambari-agent/keys directories, which allows local users to obtain sensitive information by reading files in the directories." }, { "lang": "es", "value": "El agente en Apache Ambari en versiones anteriores a 2.1.2 utiliza permisos d\u00e9biles para los directorios (1) /var/lib/ambari-agent/data y (2) /var/lib/ambari-agent/keys, lo que permite a los usuarios locales obetener informaci\u00f3n sensible a trav\u00e9s de la lectura de archivos en los directorios." } ], "id": "CVE-2016-0707", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", 
"type": "Primary" } ] }, "published": "2016-05-18T14:59:01.770", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-11-02 19:59
Modified
2025-04-12 10:46
Summary
Cross-site scripting (XSS) vulnerability in Apache Ambari before 2.1.0 allows remote authenticated cluster operator users to inject arbitrary web script or HTML via the note field in a configuration change.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2015/10/13/1 | ||
secalert@redhat.com | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/10/13/1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities | Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "13E6E4B1-F97A-43AD-8642-BCA1AA53AF4A", "versionEndIncluding": "2.0.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "82B04633-452E-4D58-BA1F-4321D1330E60", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3394B0FD-5DD2-434B-8E83-429CE2B9E1DF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "96ECE226-03F0-4C10-972D-96EFE28A67EA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Apache Ambari before 2.1.0 allows remote authenticated cluster operator users to inject arbitrary web script or HTML via the note field in a configuration change." }, { "lang": "es", "value": "Vulnerabilidad de XSS en Apache Ambari en versiones anteriores a 2.1.0 permite a usuarios operadores de grupo autenticados remotamente inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del campo note en un cambio de configuraci\u00f3n." 
} ], "id": "CVE-2015-3186", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-11-02T19:59:01.793", "references": [ { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2015/10/13/1" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2015/10/13/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-07-12 10:15
Modified
2024-11-21 07:24
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
SpringEL injection in the server agent of Apache Ambari versions 2.7.0 through 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | https://lists.apache.org/thread/6xf477ttz1oxmg0bx0tpdoz2mlqd7sbc | Mailing List, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/6xf477ttz1oxmg0bx0tpdoz2mlqd7sbc | Mailing List, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "1CBE8084-8AA5-47EA-A0DE-2725AAB7FEC6", "versionEndExcluding": "2.7.7", "versionStartIncluding": "2.7.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.\n" } ], "id": "CVE-2022-42009", "lastModified": "2024-11-21T07:24:15.440", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "security@apache.org", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-07-12T10:15:09.447", "references": [ { "source": "security@apache.org", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "https://lists.apache.org/thread/6xf477ttz1oxmg0bx0tpdoz2mlqd7sbc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "https://lists.apache.org/thread/6xf477ttz1oxmg0bx0tpdoz2mlqd7sbc" } ], 
"sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-917" } ], "source": "security@apache.org", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-03-29 20:59
Modified
2025-04-20 01:37
Summary
In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary system commands on the Ambari Server host while generating SSL certificates for hosts in an Ambari cluster.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0 | Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FCB397E-5E1F-4AD9-B344-81185555A1F4", "versionEndIncluding": "2.2.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary system commands on the Ambari Server host while generating SSL certificates for hosts in an Ambari cluster." }, { "lang": "es", "value": "En Ambari versiones 1.2.0 hasta 2.2.2, puede ser posible ejecutar comandos de sistema arbitrarios en el host del servidor de Ambari mientras se generan los certificados SSL para los hosts en un cl\u00faster de Ambari." } ], "id": "CVE-2014-3582", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-03-29T20:59:00.170", "references": [ { "source": "secalert@redhat.com", "tags": [ "Issue 
Tracking", "Third Party Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.0" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-02-27 09:15
Modified
2025-05-05 21:01
Summary
Malicious code injection in Apache Ambari in versions prior to 2.7.8. Users are recommended to upgrade to version 2.7.8, which fixes this issue.
Impact:
A Cluster Operator can manipulate the request by injecting malicious code and gain root on the cluster's main host.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | http://www.openwall.com/lists/oss-security/2024/02/27/1 | Third Party Advisory, Mailing List | |
security@apache.org | https://lists.apache.org/thread/jglww6h6ngxpo1r6r5fx7ff7z29lnvv8 | Vendor Advisory, Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/02/27/1 | Third Party Advisory, Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/jglww6h6ngxpo1r6r5fx7ff7z29lnvv8 | Vendor Advisory, Mailing List |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "C18362CB-E929-4C5F-9526-B33DAA1719EB", "versionEndExcluding": "2.7.8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Malicious code injection in Apache Ambari in prior to 2.7.8.\u00a0Users are recommended to upgrade to version 2.7.8, which fixes this issue.\n\nImpact:\nA Cluster Operator can manipulate the request by adding a malicious code injection and gain a root over the cluster main host." }, { "lang": "es", "value": "Inyecci\u00f3n de c\u00f3digo malicioso en Apache Ambari en versiones anteriores a 2.7.8. Se recomienda a los usuarios actualizar a la versi\u00f3n 2.7.8, que soluciona este problema. Impacto: un operador de cl\u00faster puede manipular la solicitud agregando una inyecci\u00f3n de c\u00f3digo malicioso y obteniendo una ra\u00edz sobre el host principal del cl\u00faster." 
} ], "id": "CVE-2023-50379", "lastModified": "2025-05-05T21:01:27.150", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2024-02-27T09:15:36.827", "references": [ { "source": "security@apache.org", "tags": [ "Third Party Advisory", "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2024/02/27/1" }, { "source": "security@apache.org", "tags": [ "Vendor Advisory", "Mailing List" ], "url": "https://lists.apache.org/thread/jglww6h6ngxpo1r6r5fx7ff7z29lnvv8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2024/02/27/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory", "Mailing List" ], "url": "https://lists.apache.org/thread/jglww6h6ngxpo1r6r5fx7ff7z29lnvv8" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "security@apache.org", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-04-03 16:59
Modified
2025-04-20 01:37
Summary
During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with proper ACLs.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.0 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.0 | Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "243741C6-FCA5-4E8F-93A6-033144214F31", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "114B2179-C5A7-4802-9A3C-580BF8153285", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "9668FD5A-C08E-403B-8B6F-04FFA3C6296D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with proper ACLs." }, { "lang": "es", "value": "Durante la instalaci\u00f3n de Ambari 2.4.0 a 2.4.2, los artefactos Ambari Server no se crean con las ACL adecuadas." } ], "id": "CVE-2017-5642", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": 
"2017-04-03T16:59:00.163", "references": [ { "source": "security@apache.org", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.0" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-276" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-03-17 09:15
Modified
2024-11-21 05:02
Severity ?
Summary
In Apache Ambari versions 2.6.2.2 and earlier, a malicious user can supply a crafted file name containing directory-traversal sequences (e.g. `../`) to escape the intended directory and download files from directories that were never meant to be exposed. Note that the NVD CVSS v3.1 vector recorded below scores this with PR:N (no privileges required), so do not assume authentication is a prerequisite when assessing exposure.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | https://mail-archives.apache.org/mod_mbox/ambari-user/202102.mbox/%3CCAEJYuxEQZ_aPwJdAaSxPu-Dva%3Dhc7zZUx3-pzBORbd23g%2BGH1A%40mail.gmail.com%3E | Exploit, Mailing List, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://mail-archives.apache.org/mod_mbox/ambari-user/202102.mbox/%3CCAEJYuxEQZ_aPwJdAaSxPu-Dva%3Dhc7zZUx3-pzBORbd23g%2BGH1A%40mail.gmail.com%3E | Exploit, Mailing List, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CAAD01F-EED1-4141-9EE8-01A722739E02", "versionEndIncluding": "2.6.2.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files." }, { "lang": "es", "value": "En Apache Ambari versiones 2.6.2.2 y anteriores, los usuarios maliciosos pueden construir nombres de archivo para saltos de directorio y saltar otros directorios para descargar archivos" } ], "id": "CVE-2020-13924", "lastModified": "2024-11-21T05:02:09.543", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-03-17T09:15:11.983", "references": [ { "source": "security@apache.org", "tags": [ "Exploit", "Mailing List", "Vendor Advisory" ], "url": 
"https://mail-archives.apache.org/mod_mbox/ambari-user/202102.mbox/%3CCAEJYuxEQZ_aPwJdAaSxPu-Dva%3Dhc7zZUx3-pzBORbd23g%2BGH1A%40mail.gmail.com%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mailing List", "Vendor Advisory" ], "url": "https://mail-archives.apache.org/mod_mbox/ambari-user/202102.mbox/%3CCAEJYuxEQZ_aPwJdAaSxPu-Dva%3Dhc7zZUx3-pzBORbd23g%2BGH1A%40mail.gmail.com%3E" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-01-21 22:15
Modified
2025-06-09 19:35
Severity ?
Summary
A remote code injection vulnerability exists in the Ambari Metrics and
AMS Alerts feature that allows authenticated users to inject and execute
arbitrary code. The flaw occurs when alert definitions are processed:
malicious input supplied in an alert definition can be injected into the
alert script execution path, so an attacker with authenticated access can
execute arbitrary commands on the server. The issue has been fixed in the
latest versions of Ambari; the affected-configuration data below lists
releases up to and including 2.7.8 as vulnerable, so treat 2.7.8 and
earlier as affected and upgrade to a newer release.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | https://lists.apache.org/thread/xq50nlff7o7z1kq3y637clzzl6mjhl8j | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/01/21/9 | Mailing List, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "F657FE3D-6887-40EF-91E2-910EE1997D2D", "versionEndIncluding": "2.7.8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A remote code injection vulnerability exists in the Ambari Metrics and \nAMS Alerts feature, allowing authenticated users to inject and execute \narbitrary code. The vulnerability occurs when processing alert \ndefinitions, where malicious input can be injected into the alert script\n execution path. An attacker with authenticated access can exploit this \nvulnerability to execute arbitrary commands on the server. The issue has\n been fixed in the latest versions of Ambari." }, { "lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de c\u00f3digo remoto en la funci\u00f3n Ambari Metrics y AMS Alerts, que permite a los usuarios autenticados inyectar y ejecutar c\u00f3digo arbitrario. La vulnerabilidad se produce al procesar definiciones de alertas, donde se puede inyectar informaci\u00f3n maliciosa en la ruta de ejecuci\u00f3n de la alerta script. Un atacante con acceso autenticado puede aprovechar esta vulnerabilidad para ejecutar comandos arbitrarios en el servidor. El problema se ha solucionado en las \u00faltimas versiones de Ambari." 
} ], "id": "CVE-2024-51941", "lastModified": "2025-06-09T19:35:29.127", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2025-01-21T22:15:12.447", "references": [ { "source": "security@apache.org", "tags": [ "Vendor Advisory" ], "url": "https://lists.apache.org/thread/xq50nlff7o7z1kq3y637clzzl6mjhl8j" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2025/01/21/9" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-75" } ], "source": "security@apache.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-77" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-02-27 17:15
Modified
2025-03-27 20:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
XML External Entity (XXE) injection in Apache Ambari versions <= 2.7.7. Users are recommended to upgrade to version 2.7.8, which fixes this issue.
More Details:
The Oozie Workflow Scheduler component had a vulnerability that allowed root-level file reading and privilege escalation by low-privilege users. The root cause was a lack of proper validation of user-supplied input: user-controlled XML was parsed in a way that resolved external entities.
This class of vulnerability is known as an XML External Entity (XXE) injection attack. Attackers can exploit XXE to read arbitrary files on the server, including sensitive system files; in theory, the contents of such files (for example stored credentials) might in turn be used to escalate privileges.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | http://www.openwall.com/lists/oss-security/2024/02/27/6 | Mailing List | |
security@apache.org | https://lists.apache.org/thread/qrt7mq7v7zyrh1qsh1gkg1m7clysvy32 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/02/27/6 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/qrt7mq7v7zyrh1qsh1gkg1m7clysvy32 | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "92348BC0-F207-4660-A8AD-13714D0C09A2", "versionEndExcluding": "2.7.8", "versionStartIncluding": "2.7.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "XML External Entity injection in apache ambari versions \u003c= 2.7.7,\u00a0Users are recommended to upgrade to version 2.7.8, which fixes this issue.\n\nMore Details:\n\nOozie Workflow Scheduler had a vulnerability that allowed for root-level file reading and privilege escalation from low-privilege users. The vulnerability was caused through lack of proper user input validation.\n\nThis vulnerability is known as an XML External Entity (XXE) injection attack. Attackers can exploit XXE vulnerabilities to read arbitrary files on the server, including sensitive system files. In theory, it might be possible to use this to escalate privileges." }, { "lang": "es", "value": "Inyecci\u00f3n de entidad externa XML en versiones de Apache Ambari \u0026lt;= 2.7.7. Se recomienda a los usuarios actualizar a la versi\u00f3n 2.7.8, que soluciona este problema. M\u00e1s detalles: Oozie Workflow Scheduler ten\u00eda una vulnerabilidad que permit\u00eda la lectura de archivos a nivel ra\u00edz y la escalada de privilegios de usuarios con pocos privilegios. La vulnerabilidad se debi\u00f3 a la falta de una validaci\u00f3n adecuada de la entrada del usuario. Esta vulnerabilidad se conoce como ataque de inyecci\u00f3n de entidad externa XML (XXE). Los atacantes pueden aprovechar las vulnerabilidades de XXE para leer archivos arbitrarios en el servidor, incluidos archivos confidenciales del sistema. En teor\u00eda, podr\u00eda ser posible utilizar esto para aumentar los privilegios." 
} ], "id": "CVE-2023-50380", "lastModified": "2025-03-27T20:15:20.650", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2024-02-27T17:15:11.300", "references": [ { "source": "security@apache.org", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2024/02/27/6" }, { "source": "security@apache.org", "tags": [ "Vendor Advisory" ], "url": "https://lists.apache.org/thread/qrt7mq7v7zyrh1qsh1gkg1m7clysvy32" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2024/02/27/6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://lists.apache.org/thread/qrt7mq7v7zyrh1qsh1gkg1m7clysvy32" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-611" } ], "source": "security@apache.org", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-03-01 15:15
Modified
2025-05-28 19:55
Severity ?
Summary
Lack of proper input validation and constraint enforcement in Apache Ambari prior to 2.7.8.
Impact: because the flaw is a stored cross-site scripting (XSS) issue, it could be exploited to perform unauthorized actions in the browser of any user who views the injected content, ranging from data access to session hijacking and delivery of malicious payloads.
Users are recommended to upgrade to version 2.7.8, which fixes this issue.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | https://lists.apache.org/thread/6hn0thq743vz9gh283s2d87wz8tqh37c | Mailing List, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/03/01/5 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/6hn0thq743vz9gh283s2d87wz8tqh37c | Mailing List, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "92348BC0-F207-4660-A8AD-13714D0C09A2", "versionEndExcluding": "2.7.8", "versionStartIncluding": "2.7.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Lack of proper input validation and constraint enforcement in Apache Ambari prior to 2.7.8\u00a0\u00a0\n\n\u00a0Impact : As it will be stored XSS,\u00a0Could be exploited to perform unauthorized actions, varying from data access to session hijacking and delivering malicious payloads. \n\nUsers are recommended to upgrade to version 2.7.8 which fixes this issue." }, { "lang": "es", "value": "Falta de validaci\u00f3n de entrada adecuada y aplicaci\u00f3n de restricciones en Apache Ambari antes de 2.7.8 Impacto: como se almacenar\u00e1 XSS, podr\u00eda explotarse para realizar acciones no autorizadas, que van desde el acceso a datos hasta el secuestro de sesiones y la entrega de payloads maliciosos. Se recomienda a los usuarios actualizar a la versi\u00f3n 2.7.8, que soluciona este problema." 
} ], "id": "CVE-2023-50378", "lastModified": "2025-05-28T19:55:25.280", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2024-03-01T15:15:08.310", "references": [ { "source": "security@apache.org", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "https://lists.apache.org/thread/6hn0thq743vz9gh283s2d87wz8tqh37c" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2024/03/01/5" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "https://lists.apache.org/thread/6hn0thq743vz9gh283s2d87wz8tqh37c" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security@apache.org", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2017-03-28 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | http://www.securityfocus.com/bid/97184 | Third Party Advisory, VDB Entry | |
security@apache.org | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2 | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97184 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2 | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "243741C6-FCA5-4E8F-93A6-033144214F31", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "114B2179-C5A7-4802-9A3C-580BF8153285", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process." }, { "lang": "es", "value": "Los comandos personalizados pueden ser ejecutados en hosts Ambari Agent (2.4.x, en versiones anteriores a 2.4.2) sin autorizaci\u00f3n, lo que lleva a una acceso no autorizado a operaciones que pueden afectar a sistema subyacente. Tales operaciones son invocadas por el proceso Ambari Agent en el hosts Ambari Agent, com el usuario que ejecuta el proceso Ambari Agent." 
} ], "id": "CVE-2016-6807", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-03-28T20:59:00.170", "references": [ { "source": "security@apache.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97184" }, { "source": "security@apache.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97184" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Deferred", 
"weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-284" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-05-12 21:29
Modified
2025-04-20 01:37
Severity ?
Summary
In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3 | Vendor Advisory | |
security@apache.org | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1 | Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "243741C6-FCA5-4E8F-93A6-033144214F31", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "114B2179-C5A7-4802-9A3C-580BF8153285", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C282AEEA-8E12-4B62-8535-B23EFFA0D188", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes." }, { "lang": "es", "value": "En Ambari 2.4.x en versiones anteriores a la 2.4.3 y en la versi\u00f3n 2.5.0 de Ambari, un usuario autorizado de Ambari Hive View podr\u00eda ganar acceso de lectura no autorizado a archivos almacenados en el host en el que el servidor Ambari ejecuta." 
} ], "id": "CVE-2017-5654", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-05-12T21:29:00.160", "references": [ { "source": "security@apache.org", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3" }, { "source": "security@apache.org", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1" } ], 
"sourceIdentifier": "security@apache.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-91" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-11-02 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administrative privileges via unspecified vectors, possibly related to changing passwords.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2015/10/13/3 | ||
secalert@redhat.com | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/10/13/3 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities | Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "82B04633-452E-4D58-BA1F-4321D1330E60", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3394B0FD-5DD2-434B-8E83-429CE2B9E1DF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "96ECE226-03F0-4C10-972D-96EFE28A67EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D5FA9F4-80F6-4990-A9DA-CC3820C66DB0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administrative privileges via unspecified vectors, possibly related to changing passwords." }, { "lang": "es", "value": "Apache Ambari en versiones anteriores a 2.0.2 o 2.1.x en versiones anteriores a 2.1.1 permite a usuarios remotos autenticados obtener privilegios administrativos a trav\u00e9s de vectores no especificados, posiblemente relacionados con cambios de contrase\u00f1as." 
} ], "id": "CVE-2015-3270", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-11-02T19:59:02.980", "references": [ { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2015/10/13/3" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2015/10/13/3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-03 23:29
Modified
2024-11-21 04:13
Severity ?
Summary
Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory traversal attack allowing an unauthenticated user to craft an HTTP request which provides read-only access to any file on the filesystem of the host the Ambari Server runs on that is accessible by the user the Ambari Server is running as. Direct network access to the Ambari Server is required to issue this request, and those Ambari Servers that are protected behind a firewall, or in a restricted network zone are at less risk of being affected by this issue.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | http://www.securityfocus.com/bid/104161 | Third Party Advisory, VDB Entry | |
security@apache.org | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8003 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104161 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8003 | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "79055240-571C-474C-98AB-818B98C4A912", "versionEndIncluding": "2.6.1", "versionStartIncluding": "1.4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory traversal attack allowing an unauthenticated user to craft an HTTP request which provides read-only access to any file on the filesystem of the host the Ambari Server runs on that is accessible by the user the Ambari Server is running as. Direct network access to the Ambari Server is required to issue this request, and those Ambari Servers that are protected behind a firewall, or in a restricted network zone are at less risk of being affected by this issue." }, { "lang": "es", "value": "Apache Ambari, de la versi\u00f3n 1.4.0 a la 2.6.1, es susceptible a un ataque de salto de directorio que permite que un usuario no autenticado manipule una petici\u00f3n HTTP que proporciona acceso de solo lectura a cualquier archivo en el sistema de archivos del host en el que se ejecuta que es accesible por el usuario como el que se est\u00e1 ejecutando el servidor de Ambari. El acceso de red directo al servidor de Ambari es necesario para enviar esta petici\u00f3n; los servidores Ambari que est\u00e1n protegidos tras un firewall o en una zona de red restringida son menos propensos a verse afectados por este problema." 
} ], "id": "CVE-2018-8003", "lastModified": "2024-11-21T04:13:04.280", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-03T23:29:00.180", "references": [ { "source": "security@apache.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104161" }, { "source": "security@apache.org", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8003" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": 
"CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-11-02 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2015/10/13/2 | ||
secalert@redhat.com | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/10/13/2 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities | Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D7D687C0-4839-4667-BEAA-A82BF1D6E6A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "A9FE93D6-5E6E-4A2B-BC4F-FAE5130D084A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EA65F485-D2BD-496C-8F5E-0E5058C8709D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "E5BC73E9-D247-4C4E-BED1-E4F6573716EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "82B04633-452E-4D58-BA1F-4321D1330E60", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3394B0FD-5DD2-434B-8E83-429CE2B9E1DF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "96ECE226-03F0-4C10-972D-96EFE28A67EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "78F087FC-ED5F-4F68-9CEA-C8FA11B66B32", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call." }, { "lang": "es", "value": "Vulnerabilidad de SSRF en en el proxy del terminal (api/v1/proxy) en Apache Ambari en versiones anteriores a 2.1.0 permite a usuarios remotos autenticados llevar a cabo escaneos de puerto y acceder a servicios no garantizados a trav\u00e9s de una llamada REST manipulada." 
} ], "evaluatorComment": "\u003ca href=\"https://cwe.mitre.org/data/definitions/918.html\"\u003eCWE-918: Server-Side Request Forgery (SSRF)\u003c/a\u003e", "id": "CVE-2015-1775", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 5.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-11-02T19:59:00.107", "references": [ { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2015/10/13/2" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2015/10/13/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-07-18 15:29
Modified
2024-11-21 04:13
Severity ?
Summary
In Apache Ambari versions 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services (for example, Hive and Oozie).
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | http://www.securityfocus.com/bid/104869 | Broken Link | |
security@apache.org | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8042 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104869 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8042 | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A72D39F-3920-4C7E-89CC-9FA10AE17FB2", "versionEndIncluding": "2.6.2", "versionStartIncluding": "2.5.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services. For example, Hive and Oozie." }, { "lang": "es", "value": "En Apache Ambari, desde la versi\u00f3n 2.5.0 hasta la 2.6.2, las contrase\u00f1as para los almacenes de credenciales de Hadoop se exponen en los mensajes de informaci\u00f3n de registro del agente de Ambari cuando la caracter\u00edstica de almacenamiento de credenciales est\u00e1 habilitada en los servicios disponibles. Por ejemplo, Hive y Oozie." } ], "id": "CVE-2018-8042", "lastModified": "2024-11-21T04:13:09.997", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" 
}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-07-18T15:29:00.437", "references": [ { "source": "security@apache.org", "tags": [ "Broken Link" ], "url": "http://www.securityfocus.com/bid/104869" }, { "source": "security@apache.org", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.securityfocus.com/bid/104869" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-CVE-2018-8042" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-209" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-11-02 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2015/10/13/4 | ||
secalert@redhat.com | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/10/13/4 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities | Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "51273973-2E1C-4AB6-8009-948DF97371F4", "versionEndIncluding": "2.1.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "82B04633-452E-4D58-BA1F-4321D1330E60", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3394B0FD-5DD2-434B-8E83-429CE2B9E1DF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "96ECE226-03F0-4C10-972D-96EFE28A67EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "78F087FC-ED5F-4F68-9CEA-C8FA11B66B32", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D5FA9F4-80F6-4990-A9DA-CC3820C66DB0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter." }, { "lang": "es", "value": "Vulnerabilidad de redirecci\u00f3n abierta en Apache Ambari en versiones anteriores a 2.1.2 permite a atacantes remotos redirigir a usuarios a p\u00e1ginas web arbitrarias y llevar a cabo ataques de phishing a trav\u00e9s de una URL en el par\u00e1metro targetURI." 
} ], "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/601.html\"\u003eCWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)\u003c/a\u003e", "id": "CVE-2015-5210", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-11-02T19:59:04.187", "references": [ { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2015/10/13/4" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2015/10/13/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-07-12 10:15
Modified
2024-11-21 07:29
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "1CBE8084-8AA5-47EA-A0DE-2725AAB7FEC6", "versionEndExcluding": "2.7.7", "versionStartIncluding": "2.7.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely.\u00a0Users are recommended to upgrade to 2.7.7.\n" } ], "id": "CVE-2022-45855", "lastModified": "2024-11-21T07:29:50.737", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "security@apache.org", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-07-12T10:15:09.547", "references": [ { "source": "security@apache.org", "tags": [ "Vendor Advisory" ], "url": "https://lists.apache.org/thread/302c4hwfjy9lx63jrbhcdx948pxc54l1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://lists.apache.org/thread/302c4hwfjy9lx63jrbhcdx948pxc54l1" } ], "sourceIdentifier": 
"security@apache.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-917" } ], "source": "security@apache.org", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-01-21 22:15
Modified
2025-06-09 19:36
Severity ?
Summary
An XML External Entity (XXE) vulnerability exists in the Ambari/Oozie
project, allowing an attacker to inject malicious XML entities. This
vulnerability occurs due to insecure parsing of XML input using the
`DocumentBuilderFactory` class without disabling external entity
resolution. An attacker can exploit this vulnerability to read arbitrary
files on the server or perform server-side request forgery (SSRF)
attacks. The issue has been fixed in both Ambari 2.7.9 and the trunk
branch.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | https://lists.apache.org/thread/hsb6mvxd7g37dq1ygtd0pd88gs9tfcwq | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/01/21/7 | Mailing List, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAB94B88-4AAB-4690-8A00-DD223D72E8D4", "versionEndExcluding": "2.7.9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An XML External Entity (XXE) vulnerability exists in the Ambari/Oozie \nproject, allowing an attacker to inject malicious XML entities. This \nvulnerability occurs due to insecure parsing of XML input using the \n`DocumentBuilderFactory` class without disabling external entity \nresolution. An attacker can exploit this vulnerability to read arbitrary\n files on the server or perform server-side request forgery (SSRF) \nattacks. The issue has been fixed in both Ambari 2.7.9 and the trunk \nbranch." }, { "lang": "es", "value": "Existe una vulnerabilidad de entidad externa XML (XXE) en el proyecto Ambari/Oozie, que permite a un atacante inyectar entidades XML maliciosas. Esta vulnerabilidad se produce debido a un an\u00e1lisis inseguro de la entrada XML mediante la clase `DocumentBuilderFactory` sin deshabilitar la resoluci\u00f3n de entidades externas. Un atacante puede aprovechar esta vulnerabilidad para leer archivos arbitrarios en el servidor o realizar ataques Server-Side Request Forgery (SSRF). El problema se ha solucionado tanto en Ambari 2.7.9 como en la rama troncal." 
} ], "id": "CVE-2025-23195", "lastModified": "2025-06-09T19:36:09.710", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2025-01-21T22:15:12.863", "references": [ { "source": "security@apache.org", "tags": [ "Vendor Advisory" ], "url": "https://lists.apache.org/thread/hsb6mvxd7g37dq1ygtd0pd88gs9tfcwq" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2025/01/21/7" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-611" } ], "source": "security@apache.org", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2016-05-18 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1 | Vendor Advisory | |
secalert@redhat.com | https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html | ||
secalert@redhat.com | https://issues.apache.org/jira/browse/AMBARI-14780 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.apache.org/jira/browse/AMBARI-14780 | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "58F6D1D1-1E2D-406C-AB6B-A971C9ED01BB", "versionEndIncluding": "2.2.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration." }, { "lang": "es", "value": "El File Browser View en Apache Ambari en versiones anteriores a 2.2.1 permite a administradores remotos autenticados leer archivos arbitrarios a trav\u00e9s de un archivo: URL en la configuraci\u00f3n WebHDFS URL." } ], "id": "CVE-2016-0731", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-05-18T14:59:03.007", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": 
"https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1" }, { "source": "secalert@redhat.com", "url": "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://issues.apache.org/jira/browse/AMBARI-14780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://issues.apache.org/jira/browse/AMBARI-14780" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-284" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-05-15 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3 | Release Notes, Vendor Advisory | |
security@apache.org | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1 | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3 | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1 | Release Notes, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apache | ambari | 2.2.2 | |
apache | ambari | 2.2.2 | |
apache | ambari | 2.2.2 | |
apache | ambari | 2.4.0 | |
apache | ambari | 2.4.0 | |
apache | ambari | 2.4.1 | |
apache | ambari | 2.4.1 | |
apache | ambari | 2.4.1 | |
apache | ambari | 2.4.2 | |
apache | ambari | 2.4.2 | |
apache | ambari | 2.4.2 | |
apache | ambari | 2.5.0 | |
apache | ambari | 2.5.0 | |
apache | ambari | 2.5.0 | |
apache | ambari | 2.5.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "40ED1582-73DA-4CFE-9B2A-765A464FB205", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.2.2:rc0:*:*:*:*:*:*", "matchCriteriaId": "E6EA965D-7D10-4C4E-A4A7-762538BDFEB0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.2.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "37DCE19A-294D-4384-92CB-42B36F759F82", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "243741C6-FCA5-4E8F-93A6-033144214F31", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.4.0:rc0:*:*:*:*:*:*", "matchCriteriaId": "8185C0EB-4BF3-41EF-AD85-3A7AFFFAD9F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "114B2179-C5A7-4802-9A3C-580BF8153285", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.4.1:rc0:*:*:*:*:*:*", "matchCriteriaId": "9046DB2D-E7DF-434C-BE67-759BD85E0B08", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.4.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "9ECC970E-2645-4B03-9E28-16359C5022BF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "9668FD5A-C08E-403B-8B6F-04FFA3C6296D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.4.2:rc0:*:*:*:*:*:*", "matchCriteriaId": "699F0806-D841-4955-A101-448E3DC62E8E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.4.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "27C40CB9-5E15-481F-9519-01820C348039", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C282AEEA-8E12-4B62-8535-B23EFFA0D188", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.5.0:rc0:*:*:*:*:*:*", "matchCriteriaId": "7DA49EF4-F633-401D-AE87-569E85ABC0FE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.5.0:rc1:*:*:*:*:*:*", "matchCriteriaId": 
"7CBBC4A8-AD6B-4B9D-ADAB-2DD436993260", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:ambari:2.5.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "2DCBCECF-6079-4330-8BB2-CAD56B938997", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host." }, { "lang": "es", "value": "En Ambari desde la versi\u00f3n 2.2.2 hasta la 2.4.2 y en la 2.5.0, puede darse el caso de que haya datos sensibles almacenados en archivos temporales en el host del servidor de Ambari. Cualquier usuario autenticado en el host puede leer los archivos temporales." } ], "id": "CVE-2017-5655", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-05-15T14:29:00.213", "references": [ { 
"source": "security@apache.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3" }, { "source": "security@apache.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-11-08 22:59
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, includes cleartext passwords on a Configs screen, which allows physically proximate attackers to obtain sensitive information by reading password fields.
References
▶ | URL | Tags | |
---|---|---|---|
psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21969202 | Vendor Advisory | |
psirt@us.ibm.com | http://www.securitytracker.com/id/1034102 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21969202 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034102 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apache | ambari | * | |
ibm | infosphere_biginsights | 4.0.0.0 | |
ibm | infosphere_biginsights | 4.0.0.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "13E6E4B1-F97A-43AD-8642-BCA1AA53AF4A", "versionEndIncluding": "2.0.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:infosphere_biginsights:4.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D13EADA0-0A9D-4D91-9625-73A2F6792B62", "vulnerable": false }, { "criteria": "cpe:2.3:a:ibm:infosphere_biginsights:4.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6978A710-06E5-4DB2-87B6-8100066B65D7", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, includes cleartext passwords on a Configs screen, which allows physically proximate attackers to obtain sensitive information by reading password fields." }, { "lang": "es", "value": "Apache Ambari en versiones anteriores a 2.1, tal como se utiliza en IBM Infosphere BigInsights 4.x en versiones anteriores a 4.1, incluye las contrase\u00f1as en texto plano en una pantalla Configs, lo que permite a atacantes f\u00edsicamente pr\u00f3ximos obtener informaci\u00f3n sensible a mediante la lectura de campos password." 
} ], "evaluatorComment": "Per \u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21969202\"\u003e\u003c/a\u003e CVSS Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N states that this is a network attack and not local", "id": "CVE-2015-4928", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-11-08T22:59:10.373", "references": [ { "source": "psirt@us.ibm.com", "tags": [ "Vendor Advisory" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969202" }, { "source": "psirt@us.ibm.com", "url": "http://www.securitytracker.com/id/1034102" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969202" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034102" } ], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-03-02 09:15
Modified
2024-11-21 05:11
Severity ?
Summary
A cross-site scripting (XSS) issue was found in Apache Ambari Views; NVD lists Apache Ambari versions before 2.7.4 as affected. This was addressed in Apache Ambari 2.7.4. NVD's CVSS v3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C) indicates that no authentication is required but a victim must interact (e.g. by opening a crafted link), with impact extending beyond the vulnerable component.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | http://www.openwall.com/lists/oss-security/2021/03/02/1 | Mailing List, Third Party Advisory | |
security@apache.org | https://lists.apache.org/thread.html/946a9d72e664ad8bc592168d9a2fed88100c6e9f1bdfea08e91a3184%40%3Cuser.ambari.apache.org%3E | Mailing List, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/03/02/1 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/946a9d72e664ad8bc592168d9a2fed88100c6e9f1bdfea08e91a3184%40%3Cuser.ambari.apache.org%3E | Mailing List, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "C15BC15F-1454-4274-A9D4-A179FE9A497D", "versionEndExcluding": "2.7.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4." }, { "lang": "es", "value": "Se encontr\u00f3 un problema de tipo cross-site scripting en Apache Ambari Views.\u0026#xa0;Esto se solucion\u00f3 en Apache Ambari versi\u00f3n 2.7.4" } ], "id": "CVE-2020-1936", "lastModified": "2024-11-21T05:11:39.020", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-03-02T09:15:12.863", "references": [ { "source": "security@apache.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2021/03/02/1" }, { "source": "security@apache.org", "tags": [ 
"Mailing List", "Vendor Advisory" ], "url": "https://lists.apache.org/thread.html/946a9d72e664ad8bc592168d9a2fed88100c6e9f1bdfea08e91a3184%40%3Cuser.ambari.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2021/03/02/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "https://lists.apache.org/thread.html/946a9d72e664ad8bc592168d9a2fed88100c6e9f1bdfea08e91a3184%40%3Cuser.ambari.apache.org%3E" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security@apache.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-01-21 22:15
Modified
2025-06-09 19:42
Severity ?
Summary
A command injection vulnerability (CWE-77) exists in the Ambari Alert Definition feature, allowing authenticated users to inject and execute arbitrary shell commands. The vulnerability arises when defining alert scripts, where the script filename field is executed using `sh -c`, so shell metacharacters in that field are interpreted by the shell. An attacker with authenticated access can exploit this to inject malicious commands, leading to remote code execution on the Ambari server. NVD's CVSS v3.1 vector (PR:L, UI:N) indicates that a low-privileged authenticated account suffices and no user interaction is needed. NVD lists Apache Ambari versions before 2.7.9 as affected (versionEndExcluding 2.7.9), so 2.7.9 is the first release treated as fixed; the vendor advisory only states that "the latest versions" of Ambari contain the fix.
References
▶ | URL | Tags | |
---|---|---|---|
security@apache.org | https://lists.apache.org/thread/70g1l5lxvko7kvhyxmtmklhhfrlon837 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/01/21/8 | Mailing List, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAB94B88-4AAB-4690-8A00-DD223D72E8D4", "versionEndExcluding": "2.7.9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A code injection vulnerability exists in the Ambari Alert Definition \nfeature, allowing authenticated users to inject and execute arbitrary \nshell commands. The vulnerability arises when defining alert scripts, \nwhere the script filename field is executed using `sh -c`. An attacker \nwith authenticated access can exploit this vulnerability to inject \nmalicious commands, leading to remote code execution on the server. The \nissue has been fixed in the latest versions of Ambari." }, { "lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en la funci\u00f3n de definici\u00f3n de alertas de Ambari, que permite a los usuarios autenticados inyectar y ejecutar comandos de shell arbitrarios. La vulnerabilidad surge al definir la alerta scripts, donde el campo de nombre de archivo script se ejecuta utilizando `sh -c`. Un atacante con acceso autenticado puede aprovechar esta vulnerabilidad para inyectar comandos maliciosos, lo que lleva a la ejecuci\u00f3n remota de c\u00f3digo en el servidor. El problema se ha solucionado en las \u00faltimas versiones de Ambari." 
} ], "id": "CVE-2025-23196", "lastModified": "2025-06-09T19:42:00.100", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2025-01-21T22:15:12.987", "references": [ { "source": "security@apache.org", "tags": [ "Vendor Advisory" ], "url": "https://lists.apache.org/thread/70g1l5lxvko7kvhyxmtmklhhfrlon837" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2025/01/21/8" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-77" } ], "source": "security@apache.org", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2015-11-08 22:59
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext BigSheets password in a configuration file, which allows local users to obtain sensitive information by reading this file.
References
▶ | URL | Tags | |
---|---|---|---|
psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21969202 | Vendor Advisory | |
psirt@us.ibm.com | http://www.securitytracker.com/id/1034102 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21969202 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034102 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apache | ambari | * | |
ibm | infosphere_biginsights | 4.0.0.0 | |
ibm | infosphere_biginsights | 4.0.0.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*", "matchCriteriaId": "13E6E4B1-F97A-43AD-8642-BCA1AA53AF4A", "versionEndIncluding": "2.0.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:infosphere_biginsights:4.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D13EADA0-0A9D-4D91-9625-73A2F6792B62", "vulnerable": false }, { "criteria": "cpe:2.3:a:ibm:infosphere_biginsights:4.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6978A710-06E5-4DB2-87B6-8100066B65D7", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext BigSheets password in a configuration file, which allows local users to obtain sensitive information by reading this file." }, { "lang": "es", "value": "Apache Ambari en versiones anteriores a 2.1, tal como se utiliza en IBM Infosphere BigInsights 4.x en versiones anteriores a 4.1, almacena una contrase\u00f1a BigSheets en texto plano en un archivo de configuraci\u00f3n, lo cual permite a usuarios locales obtener informaci\u00f3n sensible mediante la lectura de este archivo." 
} ], "id": "CVE-2015-4940", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-11-08T22:59:11.233", "references": [ { "source": "psirt@us.ibm.com", "tags": [ "Vendor Advisory" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969202" }, { "source": "psirt@us.ibm.com", "url": "http://www.securitytracker.com/id/1034102" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969202" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034102" } ], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }