Vulnerabilities > Cloudera > Cloudera Manager > 3.7.0

DATE CVE VULNERABILITY TITLE RISK
2019-11-26 CVE-2015-4457 Cross-site Scripting vulnerability in Cloudera Manager
Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors.
network
low complexity
cloudera CWE-79
5.4
5.4
2019-11-26 CVE-2015-6495 Information Exposure vulnerability in Cloudera Manager
There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles.
network
low complexity
cloudera CWE-200
7.5
7.5
2019-07-11 CVE-2018-11744 Improper Access Control vulnerability in Cloudera Manager
Cloudera Manager through 5.15 has Incorrect Access Control.
network
high complexity
cloudera CWE-284
8.1
8.1
2019-06-07 CVE-2018-5798 Cross-site Scripting vulnerability in Cloudera Manager
This CVE relates to an unspecified cross site scripting vulnerability in Cloudera Manager.
network
low complexity
cloudera CWE-79
6.1
6.1
2019-05-24 CVE-2018-10815 Information Exposure vulnerability in Cloudera Manager
An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1.
network
low complexity
cloudera CWE-200
6.5
6.5