Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloudera vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-11744
Cloudera Manager up to and including 5.15 has Incorrect Access Control.
Cloudera Cloudera Manager
4.3
CVSSv2
CVE-2021-32482
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter.
Cloudera Cloudera Manager
5
CVSSv2
CVE-2015-6495
There is Sensitive Information in Cloudera Manager prior to 5.4.6 Diagnostic Support Bundles.
Cloudera Cloudera Manager
4.3
CVSSv2
CVE-2018-15913
An issue exists in Cloudera Manager 5.x up to and including 5.15.0. One type of page in Cloudera Manager uses a 'returnUrl' parameter to redirect the user to another page in Cloudera Manager once a wizard is completed. The validity of this parameter was not checked. As ...
Cloudera Cloudera Manager
7.5
CVSSv2
CVE-2021-30132
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.
Cloudera Cloudera Manager 7.2.4
3.5
CVSSv2
CVE-2017-9326
The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager. The keystore file itself is not exposed.
Cloudera Cloudera Manager 5.11.0
5
CVSSv2
CVE-2021-32483
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view the restricted Dashboard.
Cloudera Cloudera Manager 7.2.4
4
CVSSv2
CVE-2016-3131
Cloudera CDH prior to 5.6.1 allows authorization bypass via direct internal API calls.
Cloudera Cdh
Cloudera Cdh 5.6.0
6.5
CVSSv2
CVE-2012-1574
The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 up to and including 0.20.205.0, 0.23.x prior to 0.23.2, and 1.0.x prior to 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin prior to 0.20.2+923.197, and other products, allows...
Apache Hadoop 0.20.203.0
Apache Hadoop 0.20.204.0
Apache Hadoop 0.20.205.0
Apache Hadoop 0.23.1
Apache Hadoop 1.0.0
Apache Hadoop 0.23.0
Apache Hadoop 1.0.1
Cloudera Hadoop 0.20.1\\+169
Cloudera Hadoop 0.20.2\\+923
Cloudera Cloudera Cdh Cdh3
Cloudera Hadoop 0.20-sbin
6.4
CVSSv2
CVE-2017-9325
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs.
Cloudera Cdh
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28254
CVE-2024-32515
CVE-2024-21338
validation
CVE-2024-32522
dos
CVE-2024-2101
CVE-2024-21107
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »