Vulnerabilities > Cloudera
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-26 | CVE-2015-7831 | Improper Privilege Management vulnerability in Cloudera CDH In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used. | 6.5 |
| 2019-11-26 | CVE-2015-6495 | Information Exposure vulnerability in Cloudera Manager There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles. | 5.0 |
| 2019-07-11 | CVE-2018-11744 | Improper Access Control vulnerability in Cloudera Manager Cloudera Manager through 5.15 has Incorrect Access Control. | 6.8 |
| 2019-07-03 | CVE-2017-9327 | Permission Issues vulnerability in Cloudera Manager 5.10.1/5.11.0/5.9.2 Secret data of processes managed by CM is not secured by file permissions. | 4.0 |
| 2019-07-03 | CVE-2017-9326 | Credentials Management vulnerability in Cloudera Manager 5.11.0 The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager. | 3.5 |
| 2019-07-03 | CVE-2017-9325 | Improper Authorization vulnerability in Cloudera CDH The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs. | 6.4 |
| 2019-07-03 | CVE-2018-11215 | Information Exposure vulnerability in Cloudera Data Science Workbench Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors. | 7.5 |
| 2019-06-21 | CVE-2018-15665 | Information Exposure vulnerability in Cloudera Data Science Workbench An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.2.x through 1.4.0. | 5.0 |
| 2019-06-20 | CVE-2018-15913 | Cross-site Scripting vulnerability in Cloudera Manager An issue was discovered in Cloudera Manager 5.x through 5.15.0. | 4.3 |
| 2019-06-07 | CVE-2018-20091 | SQL Injection vulnerability in Cloudera Data Science Workbench 1.4.0/1.4.1/1.4.2 An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. | 6.5 |