Filtered by vendor Cloudera
Subscriptions
Total
51 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-5798 | 1 Cloudera | 1 Cloudera Manager | 2024-08-05 | N/A |
This CVE relates to an unspecified cross site scripting vulnerability in Cloudera Manager. | ||||
CVE-2019-14449 | 1 Cloudera | 1 Cloudera Manager | 2024-08-05 | 5.4 Medium |
An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1. Malicious impala queries can result in Cross Site Scripting (XSS) when viewed within this product. | ||||
CVE-2019-7319 | 1 Cloudera | 1 Cdh | 2024-08-04 | 8.3 High |
An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges. | ||||
CVE-2020-26936 | 1 Cloudera | 1 Data Engineering | 2024-08-04 | 8.8 High |
Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack. | ||||
CVE-2021-32483 | 1 Cloudera | 1 Cloudera Manager | 2024-08-03 | 5.3 Medium |
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view the restricted Dashboard. | ||||
CVE-2021-32482 | 1 Cloudera | 1 Cloudera Manager | 2024-08-03 | 6.1 Medium |
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter. | ||||
CVE-2021-32481 | 1 Cloudera | 1 Hue | 2024-08-03 | 6.1 Medium |
Cloudera Hue 4.6.0 allows XSS via the type parameter. | ||||
CVE-2021-30132 | 1 Cloudera | 1 Cloudera Manager | 2024-08-03 | 9.8 Critical |
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges. | ||||
CVE-2021-29994 | 1 Cloudera | 1 Hue | 2024-08-03 | 6.1 Medium |
Cloudera Hue 4.6.0 allows XSS. | ||||
CVE-2021-29243 | 1 Cloudera | 1 Cloudera Manager | 2024-08-03 | 6.1 Medium |
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS. | ||||
CVE-2021-3167 | 1 Cloudera | 1 Data Engineering | 2024-08-03 | 6.5 Medium |
In Cloudera Data Engineering (CDE) 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs. |