Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sentry sentry vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-15506
An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and previous versions, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote malicious users to bypass authentication mechanisms via unspecified vector...
Mobileiron Cloud
Mobileiron Core
Mobileiron Enterprise Connector
Mobileiron Reporting Database
Mobileiron Sentry
1 Github repository
10
CVSSv2
CVE-2013-7287
MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme.
Mobileiron Sentry
Mobileiron Virtual Smartphone Platform
5
CVSSv2
CVE-2013-7286
MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm
Att Mobileiron Sentry
Att Mobileiron Virtual Smartphone Platform
6.4
CVSSv2
CVE-2014-1409
MobileIron VSP versions before 5.9.1 and Sentry versions before 5.0 have an authentication bypass vulnerability due to an XML file with obfuscated passwords
Mobileiron Virtual Smartphone Platform
Mobileiron Sentry
3.5
CVSSv2
CVE-2016-6353
Cloudera Search in CDH prior to 5.7.0 allows unauthorized document access because Solr Queries by document id can bypass Sentry document-level security via the RealTimeGetHandler.
Cloudera Cdh
4.6
CVSSv2
CVE-2019-10084
In Apache Impala 2.7.0 to 3.2.0, an authenticated user with access to the IDs of active Impala queries or sessions can interact with those sessions or queries via a specially-constructed request and thereby potentially bypass authorization and audit mechanisms. Session and query ...
Apache Impala
6.4
CVSSv2
CVE-2017-9325
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs.
Cloudera Cdh
7.5
CVSSv2
CVE-2018-19333
pkg/sentry/kernel/shm/shm.go in Google gVisor prior to 2018-11-01 allows malicious users to overwrite memory locations in processes running as root (but not escape the sandbox) via vectors involving IPC_RMID shmctl calls, because reference counting is mishandled.
Google Gvisor
5.5
CVSSv2
CVE-2018-11777
In Apache Hive 2.3.3, 3.1.0 and previous versions, local resources on HiveServer2 machines are not properly protected against malicious user if ranger, sentry or sql standard authorizer is not in use.
Apache Hive
1 Github repository
6.5
CVSSv2
CVE-2018-8028
An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS without being authorized by Apache Sentry prior to 2.0.1. This can allow an attacker unauthorized access to the partitioned data of a Sentry protected table and can allow an malicious user to remove data from a Sen...
Apache Sentry
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »