Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache ambari vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-50378
Lack of proper input validation and constraint enforcement in Apache Ambari before 2.7.8 Impact : As it will be stored XSS, Could be exploited to perform unauthorized actions, varying from data access to session hijacking and delivering malicious payloads. Users are recommended t...
NA
CVE-2023-50380
XML External Entity injection in apache ambari versions <= 2.7.7, Users are recommended to upgrade to version 2.7.8, which fixes this issue. More Details: Oozie Workflow Scheduler had a vulnerability that allowed for root-level file reading and privilege escalation from low-pr...
NA
CVE-2023-50379
Malicious code injection in Apache Ambari in before 2.7.8. Users are recommended to upgrade to version 2.7.8, which fixes this issue. Impact: A Cluster Operator can manipulate the request by adding a malicious code injection and gain a root over the cluster main host.
NA
CVE-2023-38156
Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability
Microsoft Azure Hdinsights -
NA
CVE-2023-36881
Azure Apache Ambari Spoofing Vulnerability
Microsoft Azure Hdinsights -
NA
CVE-2022-45855
SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.
Apache Ambari
NA
CVE-2022-42009
SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.
Apache Ambari
NA
CVE-2023-23408
Azure Apache Ambari Spoofing Vulnerability
Microsoft Azure Hdinsights -
1 EDB exploit
5
CVSSv2
CVE-2020-13924
In Apache Ambari versions 2.6.2.2 and previous versions, malicious users can construct file names for directory traversal and traverse to other directories to download files.
Apache Ambari
4.3
CVSSv2
CVE-2020-1936
A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4.
Apache Ambari
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »