CVE-2022-42009
HIGHApache Ambari 2.7.0-2.7.6 - Authenticated Remote Code Execution via SpringEL Injection
Title source: llmDescription
SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.
References (1)
Core 1
Core References
Mailing List, Vendor Advisory vendor-advisory
https://lists.apache.org/thread/6xf477ttz1oxmg0bx0tpdoz2mlqd7sbc
Scores
CVSS v3
8.0
EPSS
0.0105
EPSS Percentile
59.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-917
Status
published
Products (2)
apache/ambari
2.7.0 - 2.7.7
org.apache.ambari/ambari
2.7.0 - 2.7.7Maven
Published
Jul 12, 2023
Tracked Since
Feb 18, 2026