CVE-2015-3270

Published: Nov 2, 2015Modified: May 6, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administrative privileges via unspecified vectors, possibly related to changing passwords.

Affected (4)

Products: Apache: Ambari

Apache

1 product

Ambari

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Apache Ambari	Version 1.7.0
Apache Ambari	Version 2.0.0
Apache Ambari	Version 2.0.1
Apache Ambari	Version 2.1.0

Related CWEs

CWE-264

References (4)

http://www.openwall.com/lists/oss-security/2015/10/13/3

Source: secalert@redhat.com

https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities

Source: secalert@redhat.com

Vendor Advisory

http://www.openwall.com/lists/oss-security/2015/10/13/3

Source: af854a3a-2127-422b-91ae-364da2661108

https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.