Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache ambari vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-4928
Apache Ambari prior to 2.1, as used in IBM Infosphere BigInsights 4.x prior to 4.1, includes cleartext passwords on a Configs screen, which allows physically proximate malicious users to obtain sensitive information by reading password fields.
Apache Ambari
2.1
CVSSv2
CVE-2015-4940
Apache Ambari prior to 2.1, as used in IBM Infosphere BigInsights 4.x prior to 4.1, stores a cleartext BigSheets password in a configuration file, which allows local users to obtain sensitive information by reading this file.
Apache Ambari
5.8
CVSSv2
CVE-2015-5210
Open redirect vulnerability in Apache Ambari prior to 2.1.2 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter.
Apache Ambari 2.0.1
Apache Ambari 2.1.0
Apache Ambari
Apache Ambari 1.7.0
Apache Ambari 2.0.0
Apache Ambari 2.0.2
5.5
CVSSv2
CVE-2015-1775
Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari prior to 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call.
Apache Ambari 1.7.0
Apache Ambari 1.6.0
Apache Ambari 1.5.0
Apache Ambari 2.0.2
Apache Ambari 2.0.1
Apache Ambari 2.0.0
Apache Ambari 1.6.1
Apache Ambari 1.5.1
3.5
CVSSv2
CVE-2015-3186
Cross-site scripting (XSS) vulnerability in Apache Ambari prior to 2.1.0 allows remote authenticated cluster operator users to inject arbitrary web script or HTML via the note field in a configuration change.
Apache Ambari
Apache Ambari 1.7.0
Apache Ambari 2.0.0
Apache Ambari 2.0.1
6.5
CVSSv2
CVE-2015-3270
Apache Ambari prior to 2.0.2 or 2.1.x prior to 2.1.1 allows remote authenticated users to gain administrative privileges via unspecified vectors, possibly related to changing passwords.
Apache Ambari 1.7.0
Apache Ambari 2.0.1
Apache Ambari 2.1.0
Apache Ambari 2.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3