Apache Ambari CVE-2018-8003 Directory Traversal Vulnerability

Apache Ambari is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input.

Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve arbitrary files from the affected system in the context of the application. Information obtained could aid in further attacks.

Ambari 1.4.0 through Ambari 2.6.1 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus