SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.
SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.
In Apache Ambari, malicious users can construct file names for directory traversal and traverse to other directories to download files.
A cross-site scripting issue was found in Apache Ambari Views.
Apache Ambari is susceptible to a directory traversal attack allowing an unauthenticated user to craft an HTTP request which provides read-only access to any file on the filesystem.
Sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host.
An authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.
During installation, Ambari Server artifacts are not created with proper ACLs.