Apache Ambari Open Redirect

2022-05-1704:03:11

Google

osv.dev

0.007 Low

EPSS

Percentile

80.0%

JSON

Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter.

CPENameOperatorVersion
org.apache.ambari:ambarieq2.0.0.0
org.apache.ambari:ambarieq1.7.0.0

CPE	Name	Operator	Version
	org.apache.ambari:ambari	eq	2.0.0.0
	org.apache.ambari:ambari	eq	1.7.0.0

References

www.openwall.com/lists/oss-security/2015/10/13/4

cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2

nvd.nist.gov/vuln/detail/CVE-2015-5210

0.007 Low

EPSS

Percentile

80.0%

JSON

Related for OSV:GHSA-W3P6-94X2-XCVM