Vulnerabilities > Cloudera > Cloudera Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-08 | CVE-2021-30132 | Unspecified vulnerability in Cloudera Manager 7.2.4 Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges. | 9.8 |
| 2021-11-08 | CVE-2021-32483 | Unspecified vulnerability in Cloudera Manager 7.2.4 Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view the restricted Dashboard. | 5.3 |
| 2021-11-08 | CVE-2021-29243 | Cross-site Scripting vulnerability in Cloudera Manager Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS. | 6.1 |
| 2021-11-08 | CVE-2021-32482 | Cross-site Scripting vulnerability in Cloudera Manager Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter. | 6.1 |
| 2019-11-26 | CVE-2019-14449 | Cross-site Scripting vulnerability in Cloudera Manager An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1. | 5.4 |
| 2019-11-26 | CVE-2017-7399 | Improper Privilege Management vulnerability in Cloudera Manager Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users. | 8.8 |
| 2019-11-26 | CVE-2016-9271 | Cross-site Scripting vulnerability in Cloudera Manager Cloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the help search feature. | 5.4 |
| 2019-11-26 | CVE-2015-4457 | Cross-site Scripting vulnerability in Cloudera Manager Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors. | 5.4 |
| 2019-11-26 | CVE-2016-3192 | Cleartext Storage of Sensitive Information vulnerability in Cloudera Manager Cloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files. | 6.5 |
| 2019-11-26 | CVE-2015-6495 | Information Exposure vulnerability in Cloudera Manager There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles. | 7.5 |