Vulnerabilities > Cloudera > Manager > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-07 | CVE-2016-4950 | Information Exposure vulnerability in Cloudera Manager Cloudera Manager 5.5 and earlier allows remote attackers to enumerate user sessions via a request to /api/v11/users/sessions. | 7.5 |
2017-03-07 | CVE-2016-4949 | Information Exposure vulnerability in Cloudera Manager Cloudera Manager 5.5 and earlier allows remote attackers to obtain sensitive information via a (1) stderr.log or (2) stdout.log value in the filename parameter to /cmf/process/<process_id>/logs. | 7.5 |