Directory Traversal Vulnerability in Apache Ambari Versions 2.6.2.2 and Earlier

Directory Traversal Vulnerability in Apache Ambari Versions 2.6.2.2 and Earlier

CVE-2020-13924 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

In Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files.

Learn more about our Cis Benchmark Audit For Apache Http Server.