Vulnerabilities > Cloudera > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-26 | CVE-2020-26936 | Cross-Site Request Forgery (CSRF) vulnerability in Cloudera Data Engineering Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack. | 8.8 |
| 2019-11-26 | CVE-2019-7319 | Improper Privilege Management vulnerability in Cloudera CDH 6.0.0/6.0.1/6.1.0 An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. | 8.3 |
| 2019-11-26 | CVE-2018-20090 | Incorrect Default Permissions vulnerability in Cloudera Data Science Workbench 1.4.0/1.4.1/1.4.2 An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. | 8.3 |
| 2019-11-26 | CVE-2017-7399 | Improper Privilege Management vulnerability in Cloudera Manager Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users. | 8.8 |
| 2019-11-26 | CVE-2018-17860 | Incorrect Default Permissions vulnerability in Cloudera CDH Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1. | 7.2 |
| 2019-11-26 | CVE-2016-5724 | Information Exposure vulnerability in Cloudera CDH Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles. | 7.5 |
| 2019-11-26 | CVE-2016-4572 | Incorrect Authorization vulnerability in Cloudera CDH In Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges. | 8.8 |
| 2019-11-26 | CVE-2015-7831 | Improper Privilege Management vulnerability in Cloudera CDH In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used. | 8.8 |
| 2019-11-26 | CVE-2015-6495 | Information Exposure vulnerability in Cloudera Manager There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles. | 7.5 |
| 2019-07-11 | CVE-2018-11744 | Improper Access Control vulnerability in Cloudera Manager Cloudera Manager through 5.15 has Incorrect Access Control. | 8.1 |