Vulnerabilities > Cloudera > Cloudera Manager > 3.7.5

DATE CVE VULNERABILITY TITLE RISK
2019-11-26 CVE-2015-4457 Cross-site Scripting vulnerability in Cloudera Manager
Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors.
network
cloudera CWE-79
3.5
3.5
2019-11-26 CVE-2015-6495 Information Exposure vulnerability in Cloudera Manager
There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles.
network
low complexity
cloudera CWE-200
5.0
5.0
2019-07-11 CVE-2018-11744 Improper Access Control vulnerability in Cloudera Manager
Cloudera Manager through 5.15 has Incorrect Access Control.
network
cloudera CWE-284
6.8
6.8
2019-06-07 CVE-2018-5798 Cross-site Scripting vulnerability in Cloudera Manager
This CVE relates to an unspecified cross site scripting vulnerability in Cloudera Manager.
network
cloudera CWE-79
4.3
4.3
2019-05-24 CVE-2018-10815 Information Exposure vulnerability in Cloudera Manager
An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1.
network
low complexity
cloudera CWE-200
4.0
4.0
2014-06-10 CVE-2014-0220 Information Exposure vulnerability in Cloudera Manager
Cloudera Manager before 4.8.3 and 5.x before 5.0.1 allows remote authenticated users to obtain sensitive configuration information via the API.
network
low complexity
cloudera CWE-200
4.0
4.0