Vulnerabilities > CVE-2017-9326 - Credentials Management vulnerability in Cloudera Manager 5.11.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager. The keystore file itself is not exposed.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |