CVE-2017-9325

The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs.

CVE-2018-17860

Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1.

CVE-2016-5724

Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles.

CVE-2016-6605

Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization.