Lucene search
K
ClouderaData Science Workbench

5 matches found

CVE
CVE
added 2019/06/21 2:18 p.m.300 views

CVE-2018-15665

CDSW (Cloudera Data Science Workbench) is affected for versions 1.2.x through 1.4.0. The issue allows unauthenticated users to obtain a list of user accounts, constituting an information-disclosure vulnerability. The available connected sources confirm the affected product and vulnerable behavior...

5.3CVSS5.3AI score0.01195EPSS
CVE
CVE
added 2019/07/03 3:46 p.m.63 views

CVE-2018-11215

CVE-2018-11215 concerns Cloudera Data Science Workbench (CDSW) versions 1.3.0 and earlier. The connected records consistently state a remote code execution vulnerability in CDSW, caused by unspecified attack vectors. The sources do not disclose the exact root cause, affected software components b...

9.8CVSS9.6AI score0.02399EPSS
CVE
CVE
added 2019/06/07 3:50 p.m.55 views

CVE-2018-20091

CVEResult: Affected product is Cloudera Data Science Workbench (CDSW) versions 1.4.0–1.4.2. The issue is an SQL injection that would allow any authenticated user to execute arbitrary SQL queries against CDSW’s internal database. The internal DB stores user contact information, encrypted CDSW pass...

9.9CVSS9.2AI score0.01009EPSS
CVE
CVE
added 2018/02/05 3:0 a.m.53 views

CVE-2017-15536

CVE-2017-15536 affects Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0. The CDSW web application contains multiple vulnerabilities that allow malicious authenticated users to escalate privileges within CDSW. By chaining these weaknesses, an attacker can achieve root access to CDSW nodes, ...

8.8CVSS8.8AI score0.00936EPSS
CVE
CVE
added 2019/11/26 3:18 p.m.43 views

CVE-2018-20090

CVE-2018-20090 affects Cloudera Data Science Workbench (CDSW) versions 1.4.0–1.4.2. The issue is an access-control flaw that allows authenticated users to bypass project permission checks and gain read/write access to any project folder. Root cause: improper enforcement of project-level permissio...

8.3CVSS8.2AI score0.00832EPSS