Описание
Azure Apache Ambari Spoofing Vulnerability
FAQ
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
An attacker would have to send the victim a malicious URL that the victim would have to execute.
According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated privileges. Only users with roles “Cluster Admin” and “Cluster Operator” can access this.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
4.5 Medium
CVSS3
Связанные уязвимости
Уязвимость службы аналитики данных Azure HDInsight операционной системы Windows, позволяющая нарушителю проводить спуфинг-атаки
EPSS
4.5 Medium
CVSS3