CVE-2023-23408: Azure Apache Ambari Spoofing Vulnerability

Overview

  • Severity: Medium (CVSS 4.5)
  • CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
  • Category: Spoofing
  • Exploit Status: Not Exploited
  • Exploitation Likelihood: Less Likely
  • Patch Tuesday: 2023-Mar
  • Released: 2023-03-14
  • Last Updated: 2023-06-16
  • EPSS Score: 7.60% (percentile: 91.8%)

FAQ

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker would have to send the victim a malicious URL that the victim would have to execute.

According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated privileges. Only users with roles “Cluster Admin” and “Cluster Operator” can access this.

Affected Products (1)

Azure

  • Azure HDInsight

Security Updates (1)

Acknowledgments

Lidor B. with Orca Security

Revision History

  • 2023-03-14: Information published.
  • 2023-06-16: Updated one or more CVSS scores for the affected products. This is an informational change only.