Cloudera Manager Security Vulnerabilities and Issues — Cloudera Manager CVE List

Lucene search

ClouderaCloudera Manager

6 matches found

CVE•added 2019/11/26 4:15 p.m.•33 views

CVE-2016-9271

Cloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the help search feature.

5.4CVSS5.2AI score0.00343EPSS

CVE•added 2019/11/26 5:15 p.m.•31 views

CVE-2019-14449

An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1. Malicious impala queries can result in Cross Site Scripting (XSS) when viewed within this product.

5.4CVSS5.3AI score0.00343EPSS

CVE•added 2019/11/26 2:15 p.m.•29 views

CVE-2016-3192

Cloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files.

6.5CVSS6.5AI score0.00189EPSS

CVE•added 2019/11/26 4:15 p.m.•29 views

CVE-2017-7399

Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users.

8.8CVSS8.5AI score0.00336EPSS

CVE•added 2019/11/26 3:15 p.m.•28 views

CVE-2015-4457

Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors.

5.4CVSS5.1AI score0.00187EPSS

CVE•added 2019/11/26 2:15 p.m.•25 views

CVE-2015-6495

There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles.

7.5CVSS7.5AI score0.00399EPSS