Vulnerabilities > Cloudera > CDH > High

DATE CVE VULNERABILITY TITLE RISK
2019-11-26 CVE-2019-7319 Improper Privilege Management vulnerability in Cloudera CDH 6.0.0/6.0.1/6.1.0
An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0.
network
low complexity
cloudera CWE-269
8.3
8.3
2019-11-26 CVE-2018-17860 Incorrect Default Permissions vulnerability in Cloudera CDH
Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1.
network
low complexity
cloudera CWE-276
7.2
7.2
2019-11-26 CVE-2016-5724 Information Exposure vulnerability in Cloudera CDH
Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles.
network
low complexity
cloudera CWE-200
7.5
7.5
2019-11-26 CVE-2016-4572 Incorrect Authorization vulnerability in Cloudera CDH
In Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges.
network
low complexity
cloudera CWE-863
8.8
8.8
2019-11-26 CVE-2015-7831 Improper Privilege Management vulnerability in Cloudera CDH
In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used.
network
low complexity
cloudera CWE-269
8.8
8.8
2019-07-03 CVE-2017-9325 Improper Authorization vulnerability in Cloudera CDH
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs.
network
low complexity
cloudera CWE-285
7.5
7.5
2017-04-10 CVE-2016-6605 Improper Access Control vulnerability in Cloudera CDH
Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization.
network
low complexity
cloudera CWE-284
7.5
7.5