Elevated Privilege Vulnerability in Apache Ambari by Apache
CVE-2015-3270

Currently unrated

Key Information:

Vendor: Apache
Status: Ambari
Vendor: CVE Published:; 2 November 2015

Summary

Apache Ambari versions prior to 2.0.2 and 2.1.x prior to 2.1.1 are vulnerable, allowing remote authenticated users to escalate their privileges, potentially gaining administrative access. This vulnerability may be exploited through various vectors including password change mechanisms, posing a significant security risk.

References

https://cwiki.apache.org/confluence/display/AMBARI/Ambari...

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2015/10/13/3

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Nov 2, 2015
Vulnerability Reserved
Apr 10, 2015