Azure HDInsights
by Microsoft
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-36419 | Hig | 0.57 | 8.8 | 0.02 | Oct 10, 2023 | Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability | ||
| CVE-2024-21330 | Hig | 0.51 | 7.8 | 0.01 | Mar 12, 2024 | Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | ||
| CVE-2023-38156 | Hig | 0.47 | 7.2 | 0.02 | Sep 12, 2023 | Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability | ||
| CVE-2023-23408 | Med | 0.33 | 4.5 | 0.04 | Mar 14, 2023 | Azure Apache Ambari Spoofing Vulnerability | ||
| CVE-2023-35394 | Med | 0.30 | 4.6 | 0.01 | Aug 8, 2023 | Azure HDInsight Jupyter Notebook Spoofing Vulnerability | ||
| CVE-2023-38188 | Med | 0.29 | 4.5 | 0.01 | Aug 8, 2023 | Azure Apache Hadoop Spoofing Vulnerability | ||
| CVE-2023-36881 | Med | 0.29 | 4.5 | 0.01 | Aug 8, 2023 | Azure Apache Ambari Spoofing Vulnerability | ||
| CVE-2023-36877 | Med | 0.29 | 4.5 | 0.01 | Aug 8, 2023 | Azure Apache Oozie Spoofing Vulnerability | ||
| CVE-2023-35393 | Med | 0.29 | 4.5 | 0.01 | Aug 8, 2023 | Azure Apache Hive Spoofing Vulnerability | ||
| CVE-2026-21529 | 0.00 | — | 0.01 | Feb 10, 2026 | Improper neutralization of input during web page generation ('cross-site scripting') in Azure HDInsights allows an authorized attacker to perform spoofing over a network. |
- risk 0.57cvss 8.8epss 0.02
Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
- risk 0.47cvss 7.2epss 0.02
Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability
- risk 0.33cvss 4.5epss 0.04
Azure Apache Ambari Spoofing Vulnerability
- risk 0.30cvss 4.6epss 0.01
Azure HDInsight Jupyter Notebook Spoofing Vulnerability
- risk 0.29cvss 4.5epss 0.01
Azure Apache Hadoop Spoofing Vulnerability
- risk 0.29cvss 4.5epss 0.01
Azure Apache Ambari Spoofing Vulnerability
- risk 0.29cvss 4.5epss 0.01
Azure Apache Oozie Spoofing Vulnerability
- risk 0.29cvss 4.5epss 0.01
Azure Apache Hive Spoofing Vulnerability
- CVE-2026-21529Feb 10, 2026risk 0.00cvss —epss 0.01
Improper neutralization of input during web page generation ('cross-site scripting') in Azure HDInsights allows an authorized attacker to perform spoofing over a network.