oss-sec mailing list archives
CVE-2024-51941: Apache Ambari: Remote Code Injection in Ambari Metrics and AMS Alerts
From: Viraj Jasani <vjasani () apache org>
Date: Tue, 21 Jan 2025 20:36:03 +0000
Severity: important

Affected versions:

- Apache Ambari through 2.7.8

Description:

A remote code injection vulnerability exists in the Ambari Metrics and AMS Alerts feature, allowing authenticated users to inject and execute arbitrary code. The vulnerability occurs when processing alert definitions, where malicious input can be injected into the alert script execution path. An attacker with authenticated access can exploit this vulnerability to execute arbitrary commands on the server. The issue has been fixed in the latest versions of Ambari.

This issue is being tracked as AMBARI-26202

Credit:

4ra1n (https://github.com/4ra1n) (finder)
h4cking2thegate () gmail com (reporter)

References:

https://ambari.apache.org/
https://www.cve.org/CVERecord?id=CVE-2024-51941
https://issues.apache.org/jira/browse/AMBARI-26202
