CVE-2015-5210

Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
VendorProductVersion
apacheambari
𝑥
≤ 2.1.1
apacheambari
1.7.0
apacheambari
2.0.0
apacheambari
2.0.1
apacheambari
2.0.2
apacheambari
2.1.0
𝑥
= Vulnerable software versions
References
http://www.openwall.com/lists/oss-security/2015/10/13/4
https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities
http://www.openwall.com/lists/oss-security/2015/10/13/4
https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities