CVE-2020-13924

Summary

In Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache AmbariApache Ambari <= 2.6.2.2affected

Weaknesses

  • directory traversal

ADP Enrichment

CVE Program Container

Additional References

References