Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloudera vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2014-8733
Cloudera Manager 5.2.0, 5.2.1, and 5.3.0 stores the LDAP bind password in plaintext in unspecified world-readable files under /etc/hadoop, which allows local users to obtain this password.
Cloudera Cloudera Manager 5.2.1
Cloudera Cloudera Manager 5.3.0
Cloudera Cloudera Manager 5.2.0
312
VMScore
CVE-2016-9271
Cloudera Manager 5.7.x prior to 5.7.6, 5.8.x prior to 5.8.4, and 5.9.x prior to 5.9.1 allows XSS in the help search feature.
Cloudera Cloudera Manager
Cloudera Cloudera Manager 5.9.0
578
VMScore
CVE-2017-7399
Cloudera Manager 5.8.x prior to 5.8.5, 5.9.x prior to 5.9.2, and 5.10.x prior to 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users.
Cloudera Cloudera Manager
Cloudera Cloudera Manager 5.10.0
578
VMScore
CVE-2016-4572
In Cloudera CDH prior to 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges.
Cloudera Cdh 5.5.0
Cloudera Cdh 5.5.1
Cloudera Cdh 5.5.2
Cloudera Cdh 5.5.3
Cloudera Cdh 5.5.4
Cloudera Cdh 5.6.0
Cloudera Cdh 5.6.1
Cloudera Cdh 5.7.0
578
VMScore
CVE-2018-17860
Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x up to and including 5.15.1 and 6.x up to and including 6.0.1.
Cloudera Cdh
Cloudera Cdh 5.15.0
Cloudera Cdh 5.15.1
Cloudera Cdh 6.0.0
Cloudera Cdh 6.0.1
578
VMScore
CVE-2019-7319
An issue exists in Cloudera Hue 6.0.0 up to and including 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser pri...
Cloudera Cdh 6.0.0
Cloudera Cdh 6.0.1
Cloudera Cdh 6.1.0
356
VMScore
CVE-2018-10815
An issue exists in Cloudera Manager prior to 5.13.4, 5.14.x prior to 5.14.4, and 5.15.x prior to 5.15.1. A read-only user can access sensitive cluster information.
Cloudera Cloudera Manager
383
VMScore
CVE-2021-29243
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS.
Cloudera Cloudera Manager
383
VMScore
CVE-2018-15913
An issue exists in Cloudera Manager 5.x up to and including 5.15.0. One type of page in Cloudera Manager uses a 'returnUrl' parameter to redirect the user to another page in Cloudera Manager once a wizard is completed. The validity of this parameter was not checked. As ...
Cloudera Cloudera Manager
445
VMScore
CVE-2015-6495
There is Sensitive Information in Cloudera Manager prior to 5.4.6 Diagnostic Support Bundles.
Cloudera Cloudera Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »