CVE-2023-50380: Apache Ambari: authenticated users could perform XXE to read arbitrary files on the server
First published: Tue Feb 27 2024(Updated: )
XML External Entity injection in apache ambari versions <= 2.7.7, Users are recommended to upgrade to version 2.7.8, which fixes this issue. More Details: Oozie Workflow Scheduler had a vulnerability that allowed for root-level file reading and privilege escalation from low-privilege users. The vulnerability was caused through lack of proper user input validation. This vulnerability is known as an XML External Entity (XXE) injection attack. Attackers can exploit XXE vulnerabilities to read arbitrary files on the server, including sensitive system files. In theory, it might be possible to use this to escalate privileges.
Credit: security@apache.org security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| maven/org.apache.ambari.contrib.views:wfmanager | >=2.7.0<2.7.8 | 2.7.8 |
| Apache Ambari | >=2.7.0<2.7.8 | |
| >=2.7.0<2.7.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://lists.apache.org/thread/qrt7mq7v7zyrh1qsh1gkg1m7clysvy32
- http://www.openwall.com/lists/oss-security/2024/02/27/6
- https://nvd.nist.gov/vuln/detail/CVE-2023-50380
- https://github.com/apache/ambari/commit/d9652e4611ea36208d5f748028b3a9cd980e6edb
- https://github.com/advisories/GHSA-qrp9-23p7-g5mf (Advisory)
Frequently Asked Questions
What is the severity of CVE-2023-50380?
CVE-2023-50380 is categorized as a high-severity vulnerability due to its potential for XML External Entity injection leading to root-level file access.
How do I fix CVE-2023-50380?
To fix CVE-2023-50380, upgrade Apache Ambari to version 2.7.8 or later.
Which versions of Apache Ambari are affected by CVE-2023-50380?
CVE-2023-50380 affects Apache Ambari versions 2.7.7 and earlier.
What type of vulnerability is CVE-2023-50380?
CVE-2023-50380 is an XML External Entity (XXE) injection vulnerability.
What potential impact does CVE-2023-50380 have on users?
CVE-2023-50380 allows attackers to read arbitrary files and may lead to privilege escalation.
- agent/severity
- agent/weakness
- agent/title
- agent/type
- agent/first-publish-date
- collector/oss-sec
- source/oss-sec
- alias/CVE-2023-50380
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-qrp9-23p7-g5mf
- agent/software-canonical-lookup
- agent/references
- agent/softwarecombine
- agent/event
- agent/description
- agent/author
- collector/nvd-cve
- source/NVD
- collector/github-advisory
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- agent/source
- agent/tags
- collector/nvd-api
- package-manager/maven
- vendor/apache
- canonical/apache ambari
- version/apache ambari/2.7.0