CVE-2024-51941

Jan. 22, 2025, 3:15 p.m.

8.8
High

Description

A remote code injection vulnerability exists in the Ambari Metrics and AMS Alerts feature, allowing authenticated users to inject and execute arbitrary code. The vulnerability occurs when processing alert definitions, where malicious input can be injected into the alert script execution path. An attacker with authenticated access can exploit this vulnerability to execute arbitrary commands on the server. The issue has been fixed in the latest versions of Ambari.

Product(s) Impacted

Product Versions
Ambari
  • ['Unknown']

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-75
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
The product does not adequately filter user-controlled input for special elements with control implications.

References

https://lists.apache.org/thread/xq50nlff7o7z1kq3y637clzzl6mjhl8j
http://www.openwall.com/lists/oss-security/2025/01/21/9

Tags

security@apache.org
CWE-75
2025-01-21
CVE-2024-51941

CVSS Score

8.8 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

    • CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

    View Vector String

Timeline

Published: Jan. 21, 2025, 10:15 p.m.
Last Modified: Jan. 22, 2025, 3:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@apache.org

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.