Cloudera Manager Security Vulnerabilities and Issues — Cloudera Manager CVE List

Lucene search

ClouderaCloudera Manager

3 matches found

CVE•added 2019/06/20 7:15 p.m.•150 views

CVE-2018-15913

An issue was discovered in Cloudera Manager 5.x through 5.15.0. One type of page in Cloudera Manager uses a 'returnUrl' parameter to redirect the user to another page in Cloudera Manager once a wizard is completed. The validity of this parameter was not checked. As a result, the user could be autom...

6.1CVSS6.4AI score0.00312EPSS

CVE•added 2019/06/07 3:29 p.m.•56 views

CVE-2018-5798

This CVE relates to an unspecified cross site scripting vulnerability in Cloudera Manager.

6.1CVSS6AI score0.00312EPSS

CVE•added 2019/06/07 3:29 p.m.•51 views

CVE-2018-6185

In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. The Navigator Key Trustee KMS includes 2 API calls in addition to those in Apache Hadoop KMS: purge and undelete. The KMS ACL values for the...

5.5CVSS5.3AI score0.00117EPSS