CVE-2023-50379
CVSS V2 None
CVSS V3 None
Description
Malicious code injection in Apache Ambari in prior to 2.7.8. Users are recommended to upgrade to version 2.7.8, which fixes this issue.
Impact:
A Cluster Operator can manipulate the request by adding a malicious code injection and gain a root over the cluster main host.
Overview
- CVE ID
- CVE-2023-50379
- Assigner
- apache
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-02-27T08:27:03.120Z
- Last Modified Date
- 2024-02-27T08:27:03.120Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://lists.apache.org/thread/jglww6h6ngxpo1r6r5fx7ff7z29lnvv8 | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2024/02/27/1 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-50379 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50379 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 18:36:21 | Added to TrackCVE |