List: oss-security
Subject: [oss-security] CVE-2023-50380: Apache Ambari: authenticated users could perform XXE to read arbitrar
From: Brahma Reddy Battula <brahma () apache ! org>
Date: 2024-02-27 16:42:32
Message-ID: 0cc3cf0e-4b5c-287d-c157-f606d7f15cb2 () apache ! org
Severity: important
Affected versions:
- Apache Ambari 2.7.0 through 2.7.7
Description:
XML External Entity injection in Apache Ambari versions <= 2.7.7. Users are recommended to upgrade to version 2.7.8, which fixes this issue.
More Details:
The Oozie Workflow Scheduler integration had a vulnerability that allowed root-level file reading and privilege escalation by low-privilege users. The vulnerability was caused by a lack of proper user input validation.
This vulnerability is known as an XML External Entity (XXE) injection attack. Attackers can exploit XXE vulnerabilities to read arbitrary files on the server, including sensitive system files. In theory, it might be possible to use this to escalate privileges.
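The root cause named above is an XML parser that honours a DOCTYPE in user-supplied workflow XML. As an added example, not code from Apache Ambari or Oozie, the JAXP configuration below refuses any DOCTYPE before entity resolution can happen; the sample workflow, its entity name and the file path are constructed placeholders.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;

public class HardenedWorkflowXmlParser {

    // Constructed sample input (not from Ambari): a workflow definition whose DOCTYPE
    // declares an external entity. A parser that resolves it would read the named file
    // and copy its contents into the document, which is the XXE read the advisory describes.
    static final String UNTRUSTED_WORKFLOW =
        "<?xml version=\"1.0\"?>\n"
      + "<!DOCTYPE workflow-app [<!ENTITY ext SYSTEM \"file:///PLACEHOLDER_PATH\">]>\n"
      + "<workflow-app name=\"demo\"><description>&ext;</description></workflow-app>";

    /** Factory with DTD processing disabled: the standard fix for XXE in JAXP parsers. */
    static DocumentBuilderFactory hardenedFactory() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        // Reject any DOCTYPE outright; user-supplied workflow XML never needs one.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        // Defence in depth: even if a DOCTYPE were allowed, never fetch external entities or DTDs.
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f;
    }

    /** Parses untrusted XML; throws SAXException on a DOCTYPE instead of resolving entities. */
    static Document parseUntrusted(String xml) throws Exception {
        DocumentBuilder b = hardenedFactory().newDocumentBuilder();
        return b.parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
    }

    public static void main(String[] args) throws Exception {
        try {
            parseUntrusted(UNTRUSTED_WORKFLOW);
            System.out.println("UNEXPECTED: document accepted");
        } catch (SAXException e) {
            // Expected with the hardened factory: the DOCTYPE is rejected before any file is read.
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Detection-wise, a rejected DOCTYPE from an authenticated user is itself worth logging, since legitimate workflow definitions have no reason to carry one.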
References:
https://ambari.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-50380