Vulnerabilities > Cloudera > Cloudera Manager > 5.12.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-08 | CVE-2021-29243 | Cross-site Scripting vulnerability in Cloudera Manager Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS. | 4.3 |
| 2021-11-08 | CVE-2021-32482 | Cross-site Scripting vulnerability in Cloudera Manager Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter. | 4.3 |
| 2019-11-26 | CVE-2019-14449 | Cross-site Scripting vulnerability in Cloudera Manager An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1. | 3.5 |
| 2019-07-11 | CVE-2018-11744 | Improper Access Control vulnerability in Cloudera Manager Cloudera Manager through 5.15 has Incorrect Access Control. | 6.8 |
| 2019-06-20 | CVE-2018-15913 | Cross-site Scripting vulnerability in Cloudera Manager An issue was discovered in Cloudera Manager 5.x through 5.15.0. | 4.3 |
| 2019-06-07 | CVE-2018-6185 | Cryptographic Issues vulnerability in Cloudera Manager and Navigator KEY Trustee KMS In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. | 5.5 |
| 2019-06-07 | CVE-2018-5798 | Cross-site Scripting vulnerability in Cloudera Manager This CVE relates to an unspecified cross site scripting vulnerability in Cloudera Manager. | 4.3 |
| 2019-05-24 | CVE-2018-10815 | Information Exposure vulnerability in Cloudera Manager An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1. | 4.0 |