Show filters
50 Total Results
Displaying 11-20 of 50
Sort by:
Attacker Value
Unknown

CVE-2017-7399

Disclosure Date: November 26, 2019 (last updated November 27, 2024)
Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-9271

Disclosure Date: November 26, 2019 (last updated November 27, 2024)
Cloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the help search feature.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2015-4457

Disclosure Date: November 26, 2019 (last updated November 27, 2024)
Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2016-5724

Disclosure Date: November 26, 2019 (last updated November 27, 2024)
Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-6353

Disclosure Date: November 26, 2019 (last updated November 27, 2024)
Cloudera Search in CDH before 5.7.0 allows unauthorized document access because Solr Queries by document id can bypass Sentry document-level security via the RealTimeGetHandler.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-3131

Disclosure Date: November 26, 2019 (last updated November 27, 2024)
Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-4572

Disclosure Date: November 26, 2019 (last updated November 27, 2024)
In Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2015-6495

Disclosure Date: November 26, 2019 (last updated November 27, 2024)
There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-3192

Disclosure Date: November 26, 2019 (last updated November 27, 2024)
Cloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2015-7831

Disclosure Date: November 26, 2019 (last updated November 27, 2024)
In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
View More Topics  < Previous  Next >