8 matches found
CVE-2025-23196
A code injection vulnerability exists in the Ambari Alert Definition feature, allowing authenticated users to inject and execute arbitrary shell commands. The vulnerability arises when defining alert scripts, where the script filename field is executed using sh -c. An attacker with authenticated...
EUVD-2020-6174
Malware in sbrugna...
CVE-2025-23196
A code injection vulnerability exists in the Ambari Alert Definition feature, allowing authenticated users to inject and execute arbitrary shell commands. The vulnerability arises when defining alert scripts, where the script filename field is executed using sh -c. An attacker with authenticated...
CVE-2025-23196 Apache Ambari: Code Injection Vulnerability in Ambari Alert Definition
A code injection vulnerability exists in the Ambari Alert Definition feature, allowing authenticated users to inject and execute arbitrary shell commands. The vulnerability arises when defining alert scripts, where the script filename field is executed using sh -c. An attacker with authenticated...
PT-2025-4838 · Ambari · Ambari
Name of the Vulnerable Software and Affected Versions: Ambari affected versions not specified Description: A code injection vulnerability exists in the Ambari Alert Definition feature, allowing authenticated users to inject and execute arbitrary shell commands. The vulnerability arises when...
CVE-2020-14007
Solarwinds Orion with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4 allows XSS via a name of an alert definition...
CVE-2020-14007
Solarwinds Orion with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4 allows XSS via a name of an alert definition...
CVE-2020-14007
Solarwinds Orion with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4 allows XSS via a name of an alert definition...