CVE-2015-5210

CWE-601 — Open Redirect6 documents5 sources

Severity

5.8MEDIUM

EPSS

1.0%

top 23.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Ambari

Timeline

PublishedNov 2

Latest updateMay 17

Description

Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages2 packages

▶Mavenorg.apache.ambari:ambari1.7.0 — 2.1.2

▶NVDapache/ambari2.1.1+5

🔴Vulnerability Details

GHSA

Apache Ambari Open Redirect↗2022-05-17

▶

OSV

Apache Ambari Open Redirect↗2022-05-17

▶

CVEList

CVE-2015-5210: Open redirect vulnerability in Apache Ambari before 2↗2015-11-02

▶

💬Community

Bugzilla

CVE-2015-5210 CVE-2015-3186 CVE-2015-3270 CVE-2015-1775 Apache Ambari: multiple flaws fixed in 2.1.2↗2015-10-19

▶

Bugzilla

CVE-2015-3186 CVE-2015-3270 CVE-2015-5210 CVE-2015-1775 Apache Ambari: multiple flaws fixed in 2.1.2 [fedora-all]↗2015-10-19

▶