CVE-2025-23196
Apache Ambari: Code Injection Vulnerability in Ambari Alert Definition
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.8EPSS 1.2%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
21 ene 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A code injection vulnerability exists in the Ambari Alert Definition
feature, allowing authenticated users to inject and execute arbitrary
shell commands. The vulnerability arises when defining alert scripts,
where the script filename field is executed using `sh -c`. An attacker
with authenticated access can exploit this vulnerability to inject
malicious commands, leading to remote code execution on the server. The
issue has been fixed in the latest versions of Ambari.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Apache Software Foundation · Apache Ambari