Vulnerabilities > Cloudera > Cloudera Manager > 5.3.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-08 | CVE-2021-29243 | Cross-site Scripting vulnerability in Cloudera Manager Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS. | 4.3 |
| 2021-11-08 | CVE-2021-32482 | Cross-site Scripting vulnerability in Cloudera Manager Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter. | 4.3 |
| 2017-03-23 | CVE-2015-4078 | Information Exposure vulnerability in Cloudera Manager and Navigator Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 include support for SSLv3 when configured to use SSL/TLS, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). | 3.5 |