CVE-2015-1775

2015-11-02T19:59:00
ID CVE-2015-1775
Type cve
Reporter cve@mitre.org
Modified 2015-11-04T02:44:00

Description

Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call. <a href="https://cwe.mitre.org/data/definitions/918.html">CWE-918: Server-Side Request Forgery (SSRF)</a>