CVE-2015-3270 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2015-3270

CWE

https://cwe.mitre.org/data/definitions/264.html

Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administrative privileges via unspecified vectors, possibly related to changing passwords.

Affected Software

Name	Vendor	Start Version	End Version
Ambari	Apache	1.7.0 (including)	1.7.0 (including)
Ambari	Apache	2.0.0 (including)	2.0.0 (including)
Ambari	Apache	2.0.1 (including)	2.0.1 (including)
Ambari	Apache	2.1.0 (including)	2.1.0 (including)

References

http://www.openwall.com/lists/oss-security/2015/10/13/3
https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities