Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloudera cdh vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-7319
An issue exists in Cloudera Hue 6.0.0 up to and including 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser pri...
Cloudera Cdh 6.0.0
Cloudera Cdh 6.0.1
Cloudera Cdh 6.1.0
6.5
CVSSv2
CVE-2018-17860
Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x up to and including 5.15.1 and 6.x up to and including 6.0.1.
Cloudera Cdh
Cloudera Cdh 5.15.0
Cloudera Cdh 5.15.1
Cloudera Cdh 6.0.0
Cloudera Cdh 6.0.1
3.5
CVSSv2
CVE-2016-6353
Cloudera Search in CDH prior to 5.7.0 allows unauthorized document access because Solr Queries by document id can bypass Sentry document-level security via the RealTimeGetHandler.
Cloudera Cdh
6.5
CVSSv2
CVE-2015-7831
In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used.
Cloudera Cdh
5
CVSSv2
CVE-2016-5724
Cloudera CDH prior to 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles.
Cloudera Cdh
6.5
CVSSv2
CVE-2016-4572
In Cloudera CDH prior to 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges.
Cloudera Cdh 5.5.0
Cloudera Cdh 5.5.1
Cloudera Cdh 5.5.2
Cloudera Cdh 5.5.3
Cloudera Cdh 5.5.4
Cloudera Cdh 5.6.0
Cloudera Cdh 5.6.1
Cloudera Cdh 5.7.0
4
CVSSv2
CVE-2016-3131
Cloudera CDH prior to 5.6.1 allows authorization bypass via direct internal API calls.
Cloudera Cdh
Cloudera Cdh 5.6.0
6.4
CVSSv2
CVE-2017-9325
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs.
Cloudera Cdh
5
CVSSv2
CVE-2016-6605
Impala in CDH 5.2.0 up to and including 5.7.2 and 5.8.0 allows remote malicious users to bypass Setry authorization.
Cloudera Cdh 5.5.1
Cloudera Cdh 5.5.2
Cloudera Cdh 5.5.3
Cloudera Cdh 5.5.4
Cloudera Cdh 5.4.0
Cloudera Cdh 5.3.7
Cloudera Cdh 5.3.8
Cloudera Cdh 5.3.9
Cloudera Cdh 5.2.5
Cloudera Cdh 5.2.6
Cloudera Cdh 5.6.0
Cloudera Cdh 5.6.1
Cloudera Cdh 5.4.9
Cloudera Cdh 5.4.10
Cloudera Cdh 5.4.1
Cloudera Cdh 5.4.2
Cloudera Cdh 5.3.4
Cloudera Cdh 5.3.5
Cloudera Cdh 5.3.6
Cloudera Cdh 5.3.0
Cloudera Cdh 5.5.6
Cloudera Cdh 5.4.7
3.5
CVSSv2
CVE-2013-6446
The JobHistory Server in Cloudera CDH 4.x prior to 4.6.0 and 5.x prior to 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job information by leveraging failure to enforce job ACLs.
Cloudera Cdh 4.1.2
Cloudera Cdh 4.1.3
Cloudera Cdh 4.1.4
Cloudera Cdh 4.1.5
Cloudera Cdh 4.2.0
Cloudera Cdh 4.0.1
Cloudera Cdh 4.1.1
Cloudera Cdh 4.2.2
Cloudera Cdh 4.3.1
Cloudera Cdh 5.0.0
Cloudera Cdh 4.3.2
Cloudera Cdh 4.4.0
Cloudera Cdh 4.5.0
Cloudera Cdh 4.0.0
Cloudera Cdh 4.1.0
Cloudera Cdh 4.2.1
Cloudera Cdh 4.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »