Unrated severityNVD Advisory· Published Jan 21, 2025· Updated Feb 3, 2025
Apache Ambari: Code Injection Vulnerability in Ambari Alert Definition
CVE-2025-23196
Description
A code injection vulnerability exists in the Ambari Alert Definition feature, allowing authenticated users to inject and execute arbitrary shell commands. The vulnerability arises when defining alert scripts, where the script filename field is executed using sh -c. An attacker with authenticated access can exploit this vulnerability to inject malicious commands, leading to remote code execution on the server. The issue has been fixed in the latest versions of Ambari.
Affected products
2- Apache Software Foundation/Apache Ambariv5Range: 8
Patches
Vulnerability mechanics
References
1- lists.apache.org/thread/70g1l5lxvko7kvhyxmtmklhhfrlon837mitrevendor-advisory
News mentions
0No linked articles in our index yet.