Authentication flaw

2019-11-2616:15:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.0%

JSON

An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges.

CPENameOperatorVersion
cdheq6.0.0
cdheq6.0.1
cdheq6.1.0

Name	Operator	Version
cdh	eq	6.0.0
cdh	eq	6.0.1
cdh	eq	6.1.0

References

docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html

www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html