CVE-2015-1775

Currently unrated

Key Information:

Vendor: Apache
Status: Ambari
Vendor: CVE Published:; 2 November 2015

Summary

Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call.

References

https://cwiki.apache.org/confluence/display/AMBARI/Ambari...

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2015/10/13/2

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Nov 2, 2015
Vulnerability Reserved
Feb 17, 2015