2 matches found
Server side request forgery (ssrf)
Server-side request forgery SSRF vulnerability in the proxy endpoint api/v1/proxy in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call...
CVE-2015-1775
Apache Ambari (1.5.0–2.0.2) is vulnerable to SSRF via the proxy endpoint api/v1/proxy. The issue allows remote authenticated users to perform port scans and access unsecured services through a crafted REST call, due to improper validation in the proxy handling. Impact details in multiple sources ...