Security Advisory

CVE-2022-42009

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-12 09:58:19

Last updated 2024-10-04 13:49:38

Assigner apache

State PUBLISHED

Description

SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to upgrade to 2.7.7.

← Browse all CVEs View on cve.org ↗