Microsoft Azure Hdinsight vulnerabilities

CVE-2026-21529 [MEDIUM] CWE-79 CVE-2026-21529: Improper neutralization of input during web page generation ('cross-site scripting') in Azure HDInsi Improper neutralization of input during web page generation ('cross-site scripting') in Azure HDInsights allows an authorized attacker to perform spoofing over a network.

CVE-2024-21330 [HIGH] CWE-122 CVE-2024-21330: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability

CVE-2023-36419 [HIGH] CWE-611 CVE-2023-36419: Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability

CVE-2023-38156 [HIGH] CWE-20 CVE-2023-38156: Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability

CVE-2023-36881 [MEDIUM] CWE-79 Azure Apache Ambari Spoofing Vulnerability Azure Apache Ambari Spoofing Vulnerability Azure Apache Ambari Spoofing Vulnerability

CVE-2023-35393 [MEDIUM] CWE-79 Azure Apache Hive Spoofing Vulnerability Azure Apache Hive Spoofing Vulnerability Azure Apache Hive Spoofing Vulnerability

CVE-2023-35394 [MEDIUM] CWE-79 CVE-2023-35394: Azure HDInsight Jupyter Notebook Spoofing Vulnerability Azure HDInsight Jupyter Notebook Spoofing Vulnerability

CVE-2023-36877 [MEDIUM] CWE-79 Azure Apache Oozie Spoofing Vulnerability Azure Apache Oozie Spoofing Vulnerability Azure Apache Oozie Spoofing Vulnerability

CVE-2023-38188 [MEDIUM] CWE-79 Azure Apache Hadoop Spoofing Vulnerability Azure Apache Hadoop Spoofing Vulnerability Azure Apache Hadoop Spoofing Vulnerability

CVE-2023-23408 [MEDIUM] CWE-79 Azure Apache Ambari Spoofing Vulnerability Azure Apache Ambari Spoofing Vulnerability Azure Apache Ambari Spoofing Vulnerability