
oss-sec mailing list archives
Re: CVE-2022-42009: Apache Ambari: A malicious authenticated user can remotely execute arbitrary code in the context of the application.
From: Solar Designer <solar () openwall com>
Date: Tue, 11 Jul 2023 17:36:03 +0200
On Mon, Jul 10, 2023 at 10:08:22AM -0500, Brandon Perry wrote:
Do you have an example proof of concept or a bug link for this?
Added CC's. Brahma or Jecki, can you address Brandon's question above, please?
Alexander
On Mon, Jul 10, 2023 at 10:06 AM Brahma Reddy Battula <brahma () apache org> wrote:
Affected versions:
- Apache Ambari 2.7.0 through 2.7.6
Description:
SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.
Credit:
Jecki Go (jecgo () visa com) (finder)
References:
https://ambari.apache.org/
https://www.cve.org/CVERecord?id=CVE-2022-42009