Lucene search
ApacheCVELIST:CVE-2023-50380HistoryFeb 27, 2024 - 4:51 p.m.
CVE-2023-50380 Apache Ambari: authenticated users could perform XXE to read arbitrary files on the server
2024-02-2716:51:33
CWE-611
apache
www.cve.org
apache ambari
xxe
xml external entity
version 2.7.8
oozie workflow scheduler
user input validation
privilege escalation
XML External Entity injection in apache ambari versions <= 2.7.7,Β Users are recommended to upgrade to version 2.7.8, which fixes this issue.
More Details:
Oozie Workflow Scheduler had a vulnerability that allowed for root-level file reading and privilege escalation from low-privilege users. The vulnerability was caused through lack of proper user input validation.
This vulnerability is known as an XML External Entity (XXE) injection attack. Attackers can exploit XXE vulnerabilities to read arbitrary files on the server, including sensitive system files. In theory, it might be possible to use this to escalate privileges.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache Ambari",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.7.7",
"status": "affected",
"version": "2.7.0",
"versionType": "semver"
}
]
}
]Related
nvd
nvd
CVE-2023-50380
2024-02-27 17:15:11
github
github
Apache Ambari XML External Entity injection
2024-02-27 18:31:02
veracode
veracode
XML External Entity
2024-02-29 05:34:03
osv
osv
Apache Ambari XML External Entity injection
2024-02-27 18:31:02
prion
prion
Xxe
2024-02-27 17:15:00
cve
cve
CVE-2023-50380
2024-02-27 17:15:11