Search
Search Results (52 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-9271 | 1 Cloudera | 1 Cloudera Manager | 2024-11-21 | 5.4 Medium |
| Cloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the help search feature. | ||||
| CVE-2016-6353 | 1 Cloudera | 1 Cdh | 2024-11-21 | 6.5 Medium |
| Cloudera Search in CDH before 5.7.0 allows unauthorized document access because Solr Queries by document id can bypass Sentry document-level security via the RealTimeGetHandler. | ||||
| CVE-2016-5724 | 1 Cloudera | 1 Cdh | 2024-11-21 | 7.5 High |
| Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles. | ||||
| CVE-2016-4572 | 1 Cloudera | 1 Cdh | 2024-11-21 | 8.8 High |
| In Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges. | ||||
| CVE-2016-3192 | 1 Cloudera | 1 Cloudera Manager | 2024-11-21 | 6.5 Medium |
| Cloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files. | ||||
| CVE-2016-3131 | 1 Cloudera | 1 Cdh | 2024-11-21 | 6.5 Medium |
| Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls. | ||||
| CVE-2015-8094 | 1 Cloudera | 1 Hue | 2024-11-21 | N/A |
| Open redirect vulnerability in Cloudera HUE before 3.10.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter. | ||||
| CVE-2015-7831 | 1 Cloudera | 1 Cdh | 2024-11-21 | 8.8 High |
| In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used. | ||||
| CVE-2015-6495 | 1 Cloudera | 1 Cloudera Manager | 2024-11-21 | 7.5 High |
| There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles. | ||||
| CVE-2015-4457 | 1 Cloudera | 1 Cloudera Manager | 2024-11-21 | 5.4 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors. | ||||
| CVE-2012-2230 | 1 Cloudera | 2 Cloudera Manager, Cloudera Service And Configuration Manager | 2024-08-06 | N/A |
| Cloudera Manager 3.7.x before 3.7.5 and Service and Configuration Manager 3.5, when Kerberos is not enabled, does not properly install taskcontroller.cfg, which allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors, a different vulnerability than CVE-2012-1574. | ||||
| CVE-2013-6446 | 1 Cloudera | 1 Cdh | 2024-08-06 | N/A |
| The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job information by leveraging failure to enforce job ACLs. | ||||