4 matches found
CVE-2022-45855
SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7...
CVE-2022-45855
SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7...
CVE-2022-45855
Apache Ambari is affected by a SpringEL injection in the metrics source, enabling a maliciously authenticated user to execute arbitrary code remotely in Ambari versions 2.7.0–2.7.6. The documented remediation is to upgrade to version 2.7.7. If your environment uses these versions, apply the upgra...
CVE-2022-45855 Apache Ambari: Allows authenticated metrics consumers to perform RCE
SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7...