Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Ambari Security Vulnerabilities - CVSS Score 5 - 6

cve
cve

CVE-2015-1775

Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call.

6.4AI Score

0.003EPSS

2015-11-02 07:59 PM
29
cve
cve

CVE-2015-5210

Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter.

4.3AI Score

0.007EPSS

2015-11-02 07:59 PM
32
cve
cve

CVE-2016-4976

Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing.

5.5CVSS

5.4AI Score

0.0004EPSS

2017-03-29 08:59 PM
26
cve
cve

CVE-2018-8003

Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory traversal attack allowing an unauthenticated user to craft an HTTP request which provides read-only access to any file on the filesystem of the host the Ambari Server runs on that is accessible by the user the Ambari Server is ru...

5.3CVSS

5.7AI Score

0.001EPSS

2018-05-03 11:29 PM
36