Vulnerabilities > Cloudera > Cloudera Manager > 5.3.3

DATE CVE VULNERABILITY TITLE RISK
2019-06-07 CVE-2018-5798 Cross-site Scripting vulnerability in Cloudera Manager
This CVE relates to an unspecified cross site scripting vulnerability in Cloudera Manager.
network
low complexity
cloudera CWE-79
6.1
6.1
2019-05-24 CVE-2018-10815 Information Exposure vulnerability in Cloudera Manager
An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1.
network
low complexity
cloudera CWE-200
6.5
6.5
2017-03-23 CVE-2015-4078 Information Exposure vulnerability in Cloudera Manager and Navigator
Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 include support for SSLv3 when configured to use SSL/TLS, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).
network
high complexity
cloudera CWE-200
3.1
3.1