Remote Code Injection Vulnerability in Apache Ambari Metrics by Apache
CVE-2024-51941

8.8HIGH

Key Information:

Vendor: Apache
Status: Apache Ambari
Vendor: CVE Published:; 21 January 2025

What is CVE-2024-51941?

A remote code injection vulnerability in the Apache Ambari Metrics and AMS Alerts feature permits authenticated users to inject and execute arbitrary code. This vulnerability arises during the processing of alert definitions, enabling the insertion of malicious input into the alert script execution path. An attacker with authenticated access can exploit this vulnerability to run arbitrary commands on the server. The issue has been addressed in the latest patch releases of Apache Ambari.

Affected Version(s)

Apache Ambari 0 <= 2.7.8

References

https://lists.apache.org/thread/xq50nlff7o7z1kq3y637clzzl...

vendor-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 21, 2025

Credit

4ra1n (https://github.com/4ra1n)

[email protected]