Severity: important Affected versions:
- Apache Ambari 2.7.0 through 2.7.7 Description: Malicious code injection in Apache Ambari in prior to 2.7.8. Users are recommended to upgrade to version 2.7.8, which fixes this issue. Impact: A Cluster Operator can manipulate the request by adding a malicious code injection and gain a root over the cluster main host. References: https://ambari.apache.org/ https://www.cve.org/CVERecord?id=CVE-2023-50379 --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
