Vulnerabilities > Cloudera > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-11-08 CVE-2021-30132 Unspecified vulnerability in Cloudera Manager 7.2.4
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.
network
low complexity
cloudera
critical
 9.8
9.8
2019-07-03 CVE-2018-11215 OS Command Injection vulnerability in Cloudera Data Science Workbench
Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors.
network
low complexity
cloudera CWE-78
critical
 9.8
9.8
2019-06-07 CVE-2018-20091 SQL Injection vulnerability in Cloudera Data Science Workbench 1.4.0/1.4.1/1.4.2
An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2.
network
low complexity
cloudera CWE-89
critical
 9.9
9.9
2017-03-23 CVE-2015-4166 Key Management Errors vulnerability in Cloudera KEY Trustee Server 5.4.2
Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key.
network
low complexity
cloudera CWE-320
critical
 9.8
9.8