VDB
GCVE-110-CLOUD-2024-0051
GCVE-110-CLOUD-2024-0051
Advisory Published
Three privilege escalation and denial-of-service vulnerabilities were discovered in Azure HDinsight, related to their usage of Apache Oozie and Ambari.
The root cause of at least one of these vulnerabilities is a flaw in Apache Oozie itself, leading to regex denial-of-service (ReDoS). The other two vulnerabilities
could allow an authenticated attacker with HDI cluster access to gain cluster administrator privileges and perform any resource service management operation.
The vulnerabilities were patched in the October 2023 security update of Azure HDinsight.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Azure | HDInsight | — | — |
| Azure | Cloud Services | — | — |
Aliases
References
Browse GCVE Records
73,442 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.