Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-4104

Malware in sbrugna...

3.5CVSS4AI score0.00509EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-17947

Malware in sbrugna...

5.5CVSS5.1AI score0.00455EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 1:8 p.m.8 views

CVE-2018-6185

In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. The Navigator Key Trustee KMS includes 2 API calls in addition to those in Apache Hadoop KMS: purge and undelete. The KMS ACL values for...

5.5CVSS7.2AI score0.00455EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/12 12:0 a.m.3 views

Cloudera Navigator Key Trustee KMS Encryption Issue Vulnerability

Cloudera Navigator Key Trustee KMS is a customized secret key management server from Cloudera. A security vulnerability exists in Cloudera Navigator Key Trustee KMS versions 5.12 and 5.13. An attacker can exploit the vulnerability to recover previously deleted but not cleaned keys or delete the...

5.5CVSS6.8AI score0.00455EPSS
Exploits0References1
NVD
NVD
added 2019/06/07 3:29 p.m.27 views

CVE-2018-6185

In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. The Navigator Key Trustee KMS includes 2 API calls in addition to those in Apache Hadoop KMS: purge and undelete. The KMS ACL values for...

5.5CVSS5.3AI score0.00455EPSS
Exploits0References2
OSV
OSV
added 2019/06/07 3:29 p.m.5 views

CVE-2018-6185

In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. The Navigator Key Trustee KMS includes 2 API calls in addition to those in Apache Hadoop KMS: purge and undelete. The KMS ACL values for...

4.9CVSS5.9AI score0.00455EPSS
Exploits0References2
Prion
Prion
added 2019/06/07 3:29 p.m.15 views

Design/Logic Flaw

In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. The Navigator Key Trustee KMS includes 2 API calls in addition to those in Apache Hadoop KMS: purge and undelete. The KMS ACL values for...

5.5CVSS5.3AI score0.00455EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2019/06/07 2:54 p.m.67 views

CVE-2018-6185

CVE-2018-6185 concerns Cloudera Navigator Key Trustee KMS (versions 5.12 and 5.13). The root cause is an incorrect default ACL configuration for the two additional APIs (PURGE and UNDELETE) that govern encryption-zone keys; the ACLs default to “*”, permitting remote access to these commands. This...

5.5CVSS5.3AI score0.00455EPSS
Exploits0References2Affected Software2
CNVD
CNVD
added 2017/03/30 12:0 a.m.2 views

Cloudera Navigator Security Bypass Vulnerability

Cloudera Navigator is a suite of data management tools for Hadoop platform integration from Cloudera, USA. The tool provides features such as auditing data access and validating access rights, searching metadata, and visualization. A security bypass vulnerability exists in Cloudera Navigator. An...

3.5CVSS6.7AI score0.00509EPSS
Exploits0References1
Prion
Prion
added 2017/03/23 8:59 p.m.17 views

Code injection

Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 include support for SSLv3 when configured to use SSL/TLS, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 aka POODLE...

3.5CVSS3.9AI score0.99999EPSS
Exploits7References1Affected Software2
Rows per page
Query Builder