Moderate severityNVD Advisory· Published Nov 2, 2015· Updated May 6, 2026
CVE-2015-5210
CVE-2015-5210
Description
Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.ambari:ambariMaven | >= 1.7.0, < 2.1.2 | 2.1.2 |
Affected products
6cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*range: <=2.1.1
- cpe:2.3:a:apache:ambari:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:ambari:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:ambari:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:ambari:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:ambari:2.1.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- cwiki.apache.org/confluence/display/AMBARI/Ambari+VulnerabilitiesnvdVendor Advisory
- github.com/advisories/GHSA-w3p6-94x2-xcvmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-5210ghsaADVISORY
- www.openwall.com/lists/oss-security/2015/10/13/4nvdWEB
- cwiki.apache.org/confluence/display/AMBARI/Ambari+VulnerabilitiesghsaWEB
News mentions
0No linked articles in our index yet.