What is the severity of CVE-2025-23195?

CVE-2025-23195 is classified as a critical vulnerability due to its potential for remote code execution through XML External Entity attacks.

How do I fix CVE-2025-23195?

To remediate CVE-2025-23195, you should upgrade Apache Ambari to version 2.7.9 or later and ensure that external entity resolution is disabled in XML parsers.

What software is affected by CVE-2025-23195?

CVE-2025-23195 affects Apache Ambari versions earlier than 2.7.9.

What types of attacks can CVE-2025-23195 facilitate?

CVE-2025-23195 can allow attackers to read sensitive files, perform internal port scanning, and execute denial-of-service attacks through malicious XML input.

Is CVE-2025-23195 easy to exploit?

Yes, CVE-2025-23195 is deemed relatively easy to exploit if the vulnerable software is accessible to an attacker.

Vulnerability/
CVE-2025-23195

high

7.5

CWE

611 918

EPSS

0.043%

21/1/2025

22/1/2025

CVE-2025-23195: Apache Ambari: XML External Entity (XXE) Vulnerability in Ambari/Oozie

First published: Tue Jan 21 2025(Updated: )

An XML External Entity (XXE) vulnerability exists in the Ambari/Oozie project, allowing an attacker to inject malicious XML entities. This vulnerability occurs due to insecure parsing of XML input using the `DocumentBuilderFactory` class without disabling external entity resolution. An attacker can exploit this vulnerability to read arbitrary files on the server or perform server-side request forgery (SSRF) attacks. The issue has been fixed in both Ambari 2.7.9 and the trunk branch.

Credit: security@apache.org

Affected Software	Affected Version	How to fix
Apache Ambari	<2.7.9

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-23195?
CVE-2025-23195 is classified as a critical vulnerability due to its potential for remote code execution through XML External Entity attacks.
How do I fix CVE-2025-23195?
To remediate CVE-2025-23195, you should upgrade Apache Ambari to version 2.7.9 or later and ensure that external entity resolution is disabled in XML parsers.
What software is affected by CVE-2025-23195?
CVE-2025-23195 affects Apache Ambari versions earlier than 2.7.9.
What types of attacks can CVE-2025-23195 facilitate?
CVE-2025-23195 can allow attackers to read sensitive files, perform internal port scanning, and execute denial-of-service attacks through malicious XML input.
Is CVE-2025-23195 easy to exploit?
Yes, CVE-2025-23195 is deemed relatively easy to exploit if the vulnerable software is accessible to an attacker.

collector/oss-sec
source/oss-sec
alias/CVE-2025-23195
agent/title
agent/first-publish-date
agent/weakness
agent/type
agent/description
agent/guess-ai
agent/software-canonical-lookup
agent/softwarecombine
agent/author
agent/references
agent/trending
agent/source
collector/nvd-api
source/NVD
agent/last-modified-date
agent/severity
agent/event
agent/tags
collector/mitre-cve
source/MITRE
collector/epss-latest
source/FIRST
agent/epss
vendor/apache
canonical/apache ambari

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.