CVE-2023-50379
Apache Ambari: authenticated users could perform command injection to perform RCE
Malicious code injection in Apache Ambari in prior to 2.7.8. Users are recommended to upgrade to version 2.7.8, which fixes this issue.
Impact:
A Cluster Operator can manipulate the request by adding a malicious code injection and gain a root over the cluster main host.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Apache Software Foundation · Apache Ambari¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →