Elevated Privilege Vulnerability in Apache Ambari by Apache
CVE-2015-3270

Currently unrated

Key Information:

Vendor

Apache
Status
Ambari
Vendor
CVE Published:
2 November 2015

What is CVE-2015-3270?

Apache Ambari versions prior to 2.0.2 and 2.1.x prior to 2.1.1 are vulnerable, allowing remote authenticated users to escalate their privileges, potentially gaining administrative access. This vulnerability may be exploited through various vectors including password change mechanisms, posing a significant security risk.

References

https://cwiki.apache.org/confluence/display/AMBARI/Ambari...
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2015/10/13/3
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.