oss-sec mailing list archives

CVE-2022-42009: Apache Ambari: A malicious authenticated user can remotely execute arbitrary code in the context of the application.

From: Brahma Reddy Battula <brahma () apache org>
Date: Mon, 10 Jul 2023 13:45:22 +0000

Affected versions:

- Apache Ambari 2.7.0 through 2.7.6

Description:

SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to 
execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.

Credit:

Jecki Go (jecgo () visa com) (finder)

References:

https://ambari.apache.org/
https://www.cve.org/CVERecord?id=CVE-2022-42009

Current thread:

CVE-2022-42009: Apache Ambari: A malicious authenticated user can remotely execute arbitrary code in the context of the application. Brahma Reddy Battula (Jul 10)
- Re: CVE-2022-42009: Apache Ambari: A malicious authenticated user can remotely execute arbitrary code in the context of the application. Brandon Perry (Jul 10)
  - Re: CVE-2022-42009: Apache Ambari: A malicious authenticated user can remotely execute arbitrary code in the context of the application. Solar Designer (Jul 11)