Vulnerabilities > Cloudera

DATE CVE VULNERABILITY TITLE RISK
2021-11-08 CVE-2021-30132 Improper Privilege Management vulnerability in Cloudera Manager 7.2.4
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.
network
low complexity
cloudera CWE-269
7.5
2021-11-08 CVE-2021-32483 Improper Privilege Management vulnerability in Cloudera Manager 7.2.4
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view the restricted Dashboard.
network
low complexity
cloudera CWE-269
5.0
2021-11-08 CVE-2021-29243 Cross-site Scripting vulnerability in Cloudera Manager
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS.
network
cloudera CWE-79
4.3
2021-11-08 CVE-2021-29994 Cross-site Scripting vulnerability in Cloudera HUE 4.6.0
Cloudera Hue 4.6.0 allows XSS.
network
cloudera CWE-79
4.3
2021-11-08 CVE-2021-32481 Cross-site Scripting vulnerability in Cloudera HUE 4.6.0
Cloudera Hue 4.6.0 allows XSS via the type parameter.
network
cloudera CWE-79
4.3
2021-11-08 CVE-2021-32482 Cross-site Scripting vulnerability in Cloudera Manager
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter.
network
cloudera CWE-79
4.3
2021-03-15 CVE-2021-3167 Information Exposure vulnerability in Cloudera Data Engineering 1.3.0
In Cloudera Data Engineering (CDE) 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs.
network
low complexity
cloudera CWE-200
4.0
2020-11-26 CVE-2020-26936 Cross-Site Request Forgery (CSRF) vulnerability in Cloudera Data Engineering
Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack.
network
cloudera CWE-352
6.8
2019-11-26 CVE-2019-14449 Cross-site Scripting vulnerability in Cloudera Manager
An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1.
network
cloudera CWE-79
3.5
2019-11-26 CVE-2019-7319 Improper Privilege Management vulnerability in Cloudera CDH 6.0.0/6.0.1/6.1.0
An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0.
network
low complexity
cloudera CWE-269
6.5