PT-2024-4520 · Apache · Apache Ambari
Brahma Reddy Battula
Published 2024-02-27 · Updated 2024-02-28
CVE-2023-50380
CVSS v3.1: 6.5 (Medium)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Apache Ambari versions <= 2.7.7 (fixed in 2.7.8)
Description: XML External Entity (XXE) injection in the Oozie Workflow Scheduler component of Apache Ambari. The component parses user-supplied XML (workflow definitions) without disabling DTD processing and external entity resolution, so an authenticated low-privilege user can declare an external entity that points at a local file path and retrieve that file's contents through the parser. Because the Ambari server process usually runs as root, this gives root-level read access to arbitrary files on the server, including system files and configuration files that hold credentials, which is the route to privilege escalation. Note that the CVSS vector scores only the direct effect (C:H, I:N, A:N, scope unchanged): the escalation is a downstream consequence of what the attacker can read, not a separate write or code-execution primitive, and the attack needs valid Ambari credentials (PR:L) but no user interaction (UI:N).
Recommendations: Upgrade to Apache Ambari 2.7.8, which fixes this issue, and confirm the running server version after the upgrade. Until then, restrict access to the Oozie Workflow Scheduler component to trusted administrators, because any authenticated low-privilege account can reach the vulnerable code path, and avoid using the component until the fixed version is in place. Reviewing which accounts exist in Ambari is worthwhile for the same reason: the precondition for exploitation is a login, not an elevated role.
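The mechanism described above, as an added example that is not the advisory's text or the Ambari project's own code: a constructed Oozie-style workflow definition whose DTD declares an external entity pointing at a local file, parsed once with JAXP default settings (the weak configuration that makes an XXE like this possible) and once with a parser that refuses DOCTYPE declarations and disables external entity loading. The temp file, the `leak` entity name and the property layout are assumptions made for the demonstration; the hardening features are the standard Xerces/JAXP ones, not a claim about which exact change Ambari 2.7.8 made.

```java
import java.io.StringReader;
import java.nio.file.Files;
import java.nio.file.Path;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXParseException;

public class OozieXxeDemo {

    // Constructed Oozie-style workflow definition (not taken from the advisory or from Ambari).
    // The DTD declares an external entity that points at a local file; a parser that
    // resolves it copies the file's contents into the <value> element. External entities
    // are only legal in element content, not in attribute values, hence the property block.
    static String workflowXml(Path target) {
        return "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
             + "<!DOCTYPE workflow-app [\n"
             + "  <!ENTITY leak SYSTEM \"" + target.toUri() + "\">\n"
             + "]>\n"
             + "<workflow-app xmlns=\"uri:oozie:workflow:0.5\" name=\"demo-wf\">\n"
             + "  <global>\n"
             + "    <configuration>\n"
             + "      <property><name>leak</name><value>&leak;</value></property>\n"
             + "    </configuration>\n"
             + "  </global>\n"
             + "  <start to=\"end\"/>\n"
             + "  <end name=\"end\"/>\n"
             + "</workflow-app>\n";
    }

    // Weak setting: JAXP defaults accept a DOCTYPE and resolve external general entities.
    static DocumentBuilderFactory vulnerableFactory() {
        return DocumentBuilderFactory.newInstance();
    }

    // Corrected setting: refuse any DOCTYPE outright, and disable entity and DTD loading as
    // defence in depth in case a DTD ever has to be permitted.
    static DocumentBuilderFactory hardenedFactory() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f;
    }

    // Parse the workflow and return the text of the first <value> element.
    static String leakedValue(DocumentBuilderFactory f, String xml) throws Exception {
        DocumentBuilder b = f.newDocumentBuilder();
        Document d = b.parse(new InputSource(new StringReader(xml)));
        return d.getElementsByTagName("value").item(0).getTextContent();
    }

    public static void main(String[] args) throws Exception {
        // Stand-in for a sensitive file on the Ambari host (constructed, deleted at the end).
        Path secret = Files.createTempFile("ambari-secret", ".properties");
        Files.writeString(secret, "db.password=hunter2\n");
        String xml = workflowXml(secret);
        try {
            // Default parser: the file contents come back inside the parsed document.
            System.out.println("default parser -> " + leakedValue(vulnerableFactory(), xml).trim());
            // Hardened parser: the DOCTYPE itself is rejected before any entity is resolved.
            try {
                leakedValue(hardenedFactory(), xml);
                System.out.println("hardened parser -> unexpectedly accepted DOCTYPE");
            } catch (SAXParseException e) {
                System.out.println("hardened parser -> rejected: " + e.getMessage());
            }
        } finally {
            Files.deleteIfExists(secret);
        }
    }
}
```

Run with `javac OozieXxeDemo.java && java OozieXxeDemo` (Java 11 or later for `Files.writeString`). The first line prints the temp file's contents, which is the whole vulnerability: whatever the parsing process can read, the submitter of the XML can read. The second line shows the fix that matters most, rejecting DOCTYPE; the remaining features are belt-and-braces for code paths that must tolerate a DTD.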

Fix

XXE

Weakness Enumeration

Related Identifiers

BDU:2024-05024
CVE-2023-50380
GHSA-QRP9-23P7-G5MF

Affected Products

Apache Ambari