VYPR
Moderate severityNVD Advisory· Published Nov 2, 2015· Updated Jun 17, 2026

CVE-2015-1775

CVE-2015-1775

Description

Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.ambari:ambariMaven
>= 1.5.0, < 2.1.02.1.0

Affected products

9
  • Apache/Ambari8 versions
    cpe:2.3:a:apache:ambari:1.5.0:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:apache:ambari:1.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:ambari:1.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:ambari:1.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:ambari:1.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:ambari:1.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:ambari:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:ambari:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:ambari:2.0.2:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 1.5.0, < 2.1.0

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.