5 matches found
EUVD-2018-17947
Malware in sbrugna...
CVE-2018-6185
In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. The Navigator Key Trustee KMS includes 2 API calls in addition to those in Apache Hadoop KMS: purge and undelete. The KMS ACL values for...
CVE-2018-6185
In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. The Navigator Key Trustee KMS includes 2 API calls in addition to those in Apache Hadoop KMS: purge and undelete. The KMS ACL values for...
Design/Logic Flaw
In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. The Navigator Key Trustee KMS includes 2 API calls in addition to those in Apache Hadoop KMS: purge and undelete. The KMS ACL values for...
CVE-2018-6185
CVE-2018-6185 concerns Cloudera Navigator Key Trustee KMS (versions 5.12 and 5.13). The root cause is an incorrect default ACL configuration for the two additional APIs (PURGE and UNDELETE) that govern encryption-zone keys; the ACLs default to “*”, permitting remote access to these commands. This...