Vulnerabilities > Cloudera > Cloudera Manager > 5.3.10

DATE CVE VULNERABILITY TITLE RISK
2021-11-08 CVE-2021-29243 Cross-site Scripting vulnerability in Cloudera Manager
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS.
network
cloudera CWE-79
4.3
4.3
2021-11-08 CVE-2021-32482 Cross-site Scripting vulnerability in Cloudera Manager
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter.
network
cloudera CWE-79
4.3
4.3
2019-11-26 CVE-2019-14449 Cross-site Scripting vulnerability in Cloudera Manager
An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1.
network
cloudera CWE-79
3.5
3.5
2019-11-26 CVE-2017-7399 Improper Privilege Management vulnerability in Cloudera Manager
Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users.
network
low complexity
cloudera CWE-269
6.5
6.5
2019-11-26 CVE-2016-9271 Cross-site Scripting vulnerability in Cloudera Manager
Cloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the help search feature.
network
cloudera CWE-79
3.5
3.5
2019-11-26 CVE-2015-4457 Cross-site Scripting vulnerability in Cloudera Manager
Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors.
network
cloudera CWE-79
3.5
3.5
2019-11-26 CVE-2016-3192 Cleartext Storage of Sensitive Information vulnerability in Cloudera Manager
Cloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files.
network
low complexity
cloudera CWE-312
4.0
4.0
2019-07-11 CVE-2018-11744 Improper Access Control vulnerability in Cloudera Manager
Cloudera Manager through 5.15 has Incorrect Access Control.
network
cloudera CWE-284
6.8
6.8
2019-06-20 CVE-2018-15913 Cross-site Scripting vulnerability in Cloudera Manager
An issue was discovered in Cloudera Manager 5.x through 5.15.0.
network
cloudera CWE-79
4.3
4.3
2019-06-07 CVE-2018-5798 Cross-site Scripting vulnerability in Cloudera Manager
This CVE relates to an unspecified cross site scripting vulnerability in Cloudera Manager.
network
cloudera CWE-79
4.3
4.3