Code Injection Vulnerability in Ambari Alert Definition by Apache
CVE-2025-23196

8.8HIGH

Key Information:

Vendor: Apache
Status: Apache Ambari
Vendor: CVE Published:; 21 January 2025

Summary

A code injection vulnerability exists in the Ambari Alert Definition feature that permits authenticated users to inject and execute arbitrary shell commands. This vulnerability is linked to the alert script definitions where the script filename is executed using a shell command. If exploited, an attacker with authenticated access can send malicious commands, leading to remote code execution on the targeted server. The vulnerability has been addressed in the latest versions of Ambari, emphasizing the importance of prompt updates for users.

Affected Version(s)

Apache Ambari 8 < 2.7.9

References

https://lists.apache.org/thread/70g1l5lxvko7kvhyxmtmklhhf...

vendor-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 21, 2025

Credit

Liyw979

robinzeng2015

fcgboy

wk2025