CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

NVD•added 2019/11/26 4:15 p.m.•10 views

CVE-2018-20090

An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...

8.3CVSS8.3AI score0.00832EPSS

Exploits0References1

CVE•added 2019/11/26 3:18 p.m.•39 views

CVE-2018-20090

CVE-2018-20090 affects Cloudera Data Science Workbench (CDSW) versions 1.4.0–1.4.2. The issue is an access-control flaw that allows authenticated users to bypass project permission checks and gain read/write access to any project folder. Root cause: improper enforcement of project-level permissio...

8.3CVSS8.2AI score0.00832EPSS

Exploits0References1Affected Software1

NVD•added 2019/06/21 3:15 p.m.•18 views

CVE-2018-15665

An issue was discovered in Cloudera Data Science Workbench CDSW 1.2.x through 1.4.0. Unauthenticated users can get a list of user accounts...

5.3CVSS5.3AI score0.01195EPSS

Exploits0References2

CVE•added 2019/06/21 2:18 p.m.•296 views

CVE-2018-15665

CDSW (Cloudera Data Science Workbench) is affected for versions 1.2.x through 1.4.0. The issue allows unauthenticated users to obtain a list of user accounts, constituting an information-disclosure vulnerability. The available connected sources confirm the affected product and vulnerable behavior...

5.3CVSS5.3AI score0.01195EPSS

Exploits0References2Affected Software1

CVE•added 2019/06/07 3:50 p.m.•52 views

CVE-2018-20091

CVEResult: Affected product is Cloudera Data Science Workbench (CDSW) versions 1.4.0–1.4.2. The issue is an SQL injection that would allow any authenticated user to execute arbitrary SQL queries against CDSW’s internal database. The internal DB stores user contact information, encrypted CDSW pass...

9.9CVSS9.2AI score0.01009EPSS

Exploits0References2Affected Software1

Prion•added 2018/02/05 3:29 a.m.•17 views

Design/Logic Flaw

An issue was discovered in Cloudera Data Science Workbench CDSW 1.x before 1.2.0. Several web application vulnerabilities allow malicious authenticated users of CDSW to escalate privileges in CDSW. CDSW users can exploit these vulnerabilities in combination to gain root access to CDSW nodes, gain...

6.5CVSS8.9AI score0.00936EPSS

Exploits0References1Affected Software1

CVE•added 2018/02/05 3:0 a.m.•49 views

CVE-2017-15536

CVE-2017-15536 affects Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0. The CDSW web application contains multiple vulnerabilities that allow malicious authenticated users to escalate privileges within CDSW. By chaining these weaknesses, an attacker can achieve root access to CDSW nodes, ...

8.8CVSS8.8AI score0.00936EPSS

Exploits0References1Affected Software1

Cvelist•added 2018/02/05 3:0 a.m.•16 views

CVE-2017-15536

9AI score0.00936EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by