Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache ambari vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-50378
Lack of proper input validation and constraint enforcement in Apache Ambari before 2.7.8 Impact : As it will be stored XSS, Could be exploited to perform unauthorized actions, varying from data access to session hijacking and delivering malicious payloads. Users are recommended t...
NA
CVE-2023-50380
XML External Entity injection in apache ambari versions <= 2.7.7, Users are recommended to upgrade to version 2.7.8, which fixes this issue. More Details: Oozie Workflow Scheduler had a vulnerability that allowed for root-level file reading and privilege escalation from low-pr...
NA
CVE-2023-50379
Malicious code injection in Apache Ambari in before 2.7.8. Users are recommended to upgrade to version 2.7.8, which fixes this issue. Impact: A Cluster Operator can manipulate the request by adding a malicious code injection and gain a root over the cluster main host.
NA
CVE-2023-38156
Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability
Microsoft Azure Hdinsights -
NA
CVE-2023-36881
Azure Apache Ambari Spoofing Vulnerability
Microsoft Azure Hdinsights -
NA
CVE-2022-42009
SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.
Apache Ambari
NA
CVE-2022-45855
SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.
Apache Ambari
NA
CVE-2023-23408
Azure Apache Ambari Spoofing Vulnerability
Microsoft Azure Hdinsights -
1 EDB exploit
445
VMScore
CVE-2020-13924
In Apache Ambari versions 2.6.2.2 and previous versions, malicious users can construct file names for directory traversal and traverse to other directories to download files.
Apache Ambari
383
VMScore
CVE-2020-1936
A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4.
Apache Ambari
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »