The certificate signing REST API in Apache Ambari before 2.4.0 allows remote attackers to execute arbitrary code via shell metacharacters in the agentHostname value.
The certificate signing REST API in Apache Ambari before 2.4.0 allows remote attackers to execute arbitrary code via shell metacharacters in the agentHostname value.