21 matches found
EUVD-2021-26510
Malware in sbrugna...
EUVD-2020-19464
Malware in sbrugna...
CVE-2021-3167
In Cloudera Data Engineering CDE 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs...
Interning at Rapid7 Prague: Meet Mko
Mkrtich Hovsepyan – most people call him Mko – is an intern at Rapid7’s fast-growing office in Prague. He graduated from the luminous Charles University in Prague, and is currently a first-year master’s student in Artificial Intelligence there. He was in our first impressive crop of interns, and ...
Cloudera Data Engineering Information Disclosure Vulnerability
Cloudera Data Engineering is a service-less architecture cloud service from Cloudera, USA that supports the creation of Apache Spark tasks on a cloud platform. A security vulnerability exists in Cloudera Data Engineering CDE version 1.3.0 that stems from a JWT authentication token being exposed t...
CVE-2021-3167
In Cloudera Data Engineering CDE 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs...
CVE-2021-3167
In Cloudera Data Engineering CDE 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs...
Authentication flaw
In Cloudera Data Engineering CDE 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs...
CVE-2021-3167
In Cloudera Data Engineering CDE 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs...
CVE-2021-3167
In Cloudera Data Engineering (CDE) 1.3.0, the CVE-2021-3167 issue involves JWT authentication tokens being exposed to administrators via virtual cluster server logs. This is a disclosure impacting confidentiality (tokens visible in logs). The available connected documentation confirms the affecte...
Cloudera Data Engineering 信息泄露漏洞
Cloudera Data Engineering is a service-less architecture cloud service from Cloudera, USA that supports the creation of Apache Spark tasks on a cloud platform. A security vulnerability exists in Cloudera Data Engineering CDE version 1.3.0 that stems from a JWT authentication token being exposed t...
Cloudera Data Engineering Cross-Site Request Forgery Vulnerability
Cloudera Data Engineering is a service-less architecture cloud service from Cloudera, Inc. that supports the creation of Apache Spark tasks on a cloud platform. A cross-site request forgery vulnerability exists in Cloudera Data Engineering versions prior to 1.1, which stems from vulnerability to...
CVE-2020-26936
Cloudera Data Engineering CDE before 1.1 was vulnerable to a CSRF attack...
CVE-2020-26936
Cloudera Data Engineering CDE before 1.1 was vulnerable to a CSRF attack...
Cross site request forgery (csrf)
Cloudera Data Engineering CDE before 1.1 was vulnerable to a CSRF attack...
CVE-2020-26936
CVE-2020-26936 concerns Cloudera Data Engineering (CDE) before version 1.1, where a Cross-Site Request Forgery (CSRF) vulnerability exists. The provided documents identify the affected product and the vulnerability type but do not include detailed technical exploit steps, affected endpoints, or r...
CVE-2020-26936
Cloudera Data Engineering CDE before 1.1 was vulnerable to a CSRF attack...
Cloudera Data Engineering 跨站请求伪造漏洞
Cloudera Data Engineering is a service-less architecture cloud service from Cloudera, Inc. that supports the creation of Apache Spark tasks on a cloud platform. A cross-site request forgery vulnerability exists in Cloudera Data Engineering versions prior to 1.1, which stems from vulnerability to...
If You Don’t Have 2, You Don’t Have 1
If You Don’t Have 2, You Don’t Have 1 “If you don’t have 2, you don’t have 1” is something you hear often in our engineering group. This is our team’s way of stressing the importance of persistence in data engineering. If a stream goes down, you lose it. You have to get confirmation that data is...
Building a New Language for Data Processing
Building a New Language for Data Translation In previous posts, we’ve talked about the plan for and implementation of EQR Event Query Router—a system we created to solve the problem of querying large quantities of disparate data by end-user analysts in real-time. As with any major project, we fac...