Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administrative privileges via unspecified vectors, possibly related to changing passwords.Referenceshttps://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilitieshttp://www.openwall.com/lists/oss-security/2015/10/13/3
