CVE-2018-10815

An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1. A read-only user can access sensitive cluster information...

CVE-2016-9271

Cloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the help search feature...

EUVD-2016-10082

Malware in sbrugna...

EUVD-2016-5922

Malware in sbrugna...

EUVD-2016-5923

Malware in sbrugna...

EUVD-2018-2884

Malware in sbrugna...

EUVD-2018-17565

Malware in sbrugna...

EUVD-2019-5638

Malware in sbrugna...

EUVD-2021-19328

Malware in sbrugna...

EUVD-2021-17070

Malware in sbrugna...

EUVD-2014-8565

Malware in sbrugna...

EUVD-2015-4477

Malware in sbrugna...

EUVD-2015-2369

Malware in sbrugna...

CVE-2021-32482

Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter...

CVE-2021-29243

Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS...

CVE-2021-30132

Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges...

CVE-2018-15913

An issue was discovered in Cloudera Manager 5.x through 5.15.0. One type of page in Cloudera Manager uses a 'returnUrl' parameter to redirect the user to another page in Cloudera Manager once a wizard is completed. The validity of this parameter was not checked. As a result, the user could be...

CVE-2019-14449

An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1. Malicious impala queries can result in Cross Site Scripting XSS when viewed within this product...

CVE-2018-5798

This CVE relates to an unspecified cross site scripting vulnerability in Cloudera Manager...

CVE-2017-9326

The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager. The keystore file itself is not exposed...