Ambari Security Vulnerabilities and Issues — Ambari CVE List

Lucene search

ApacheAmbari

5 matches found

CVE•added 2024/02/27 5:15 p.m.•7660 views

CVE-2023-50380

XML External Entity injection in apache ambari versions

6.5CVSS7.2AI score0.00102EPSS

CVE•added 2024/03/01 3:15 p.m.•66 views

CVE-2023-50378

Lack of proper input validation and constraint enforcement in Apache Ambari prior to 2.7.8 Impact : As it will be stored XSS, Could be exploited to perform unauthorized actions, varying from data access to session hijacking and delivering malicious payloads. Users are recommended to upgrade to vers...

6.1CVSS6.2AI score0.0114EPSS

CVE•added 2021/03/02 9:15 a.m.•63 views

CVE-2020-1936

A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4.

6.1CVSS5.9AI score0.02906EPSS

CVE•added 2017/05/15 2:29 p.m.•43 views

CVE-2017-5655

In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host.

6.5CVSS6.3AI score0.00149EPSS

CVE•added 2015/11/02 7:59 p.m.•36 views

CVE-2015-3270

Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administrative privileges via unspecified vectors, possibly related to changing passwords.

6.5CVSS6.9AI score0.01015EPSS