Vulnerabilities > Cloudera
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-08 | CVE-2021-30132 | Unspecified vulnerability in Cloudera Manager 7.2.4 Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges. | 9.8 |
| 2021-11-08 | CVE-2021-32483 | Unspecified vulnerability in Cloudera Manager 7.2.4 Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view the restricted Dashboard. | 5.3 |
| 2021-11-08 | CVE-2021-29243 | Cross-site Scripting vulnerability in Cloudera Manager Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS. | 6.1 |
| 2021-11-08 | CVE-2021-29994 | Cross-site Scripting vulnerability in Cloudera HUE 4.6.0 Cloudera Hue 4.6.0 allows XSS. | 6.1 |
| 2021-11-08 | CVE-2021-32481 | Cross-site Scripting vulnerability in Cloudera HUE 4.6.0 Cloudera Hue 4.6.0 allows XSS via the type parameter. | 6.1 |
| 2021-11-08 | CVE-2021-32482 | Cross-site Scripting vulnerability in Cloudera Manager Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter. | 6.1 |
| 2021-03-15 | CVE-2021-3167 | Information Exposure Through Log Files vulnerability in Cloudera Data Engineering 1.3.0 In Cloudera Data Engineering (CDE) 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs. | 6.5 |
| 2020-11-26 | CVE-2020-26936 | Cross-Site Request Forgery (CSRF) vulnerability in Cloudera Data Engineering Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack. | 8.8 |
| 2019-11-26 | CVE-2019-14449 | Cross-site Scripting vulnerability in Cloudera Manager An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1. | 5.4 |
| 2019-11-26 | CVE-2019-7319 | Improper Privilege Management vulnerability in Cloudera CDH 6.0.0/6.0.1/6.1.0 An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. | 8.3 |