Lucene search
HistoryNov 02, 2015 - 7:59 p.m.
CVE-2015-1775
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
6.2 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
65.7%
Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call.
Affected configurations
Node
apacheambariMatch1.5.0
ORapacheambariMatch1.5.1
ORapacheambariMatch1.6.0
ORapacheambariMatch1.6.1
ORapacheambariMatch1.7.0
ORapacheambariMatch2.0.0
ORapacheambariMatch2.0.1
ORapacheambariMatch2.0.2
Related
cvelist
cvelist
CVE-2015-1775
2015-11-02 19:00:00
github
github
Apache Ambari SSRF Vulnerability
2022-05-17 04:03:11
openvas
openvas
Apache Ambari 1.5.0 - 2.0.2 SSRF Vulnerability
2016-11-04 00:00:00
prion
prion
Server side request forgery (ssrf)
2015-11-02 19:59:00
cve
cve
CVE-2015-1775
2015-11-02 19:59:00
osv
osv
Apache Ambari SSRF Vulnerability
2022-05-17 04:03:11
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
6.2 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
65.7%
Related for NVD:CVE-2015-1775