Manager Security Vulnerabilities and Issues — Manager CVE List

Lucene search

ClouderaManager

3 matches found

CVE•added 2017/03/07 4:59 p.m.•39 views

CVE-2016-4949

Cloudera Manager 5.5 and earlier allows remote attackers to obtain sensitive information via a (1) stderr.log or (2) stdout.log value in the filename parameter to /cmf/process//logs.

7.5CVSS7.2AI score0.00613EPSS

CVE•added 2017/03/07 4:59 p.m.•34 views

CVE-2016-4950

Cloudera Manager 5.5 and earlier allows remote attackers to enumerate user sessions via a request to /api/v11/users/sessions.

7.5CVSS7.4AI score0.00613EPSS

CVE•added 2017/03/07 4:59 p.m.•31 views

CVE-2016-4948

Multiple cross-site scripting (XSS) vulnerabilities in Cloudera Manager 5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Template Name field when renaming a template; (2) KDC Server host, (3) Kerberos Security Realm, (4) Kerberos Encryption Types, (5) Advanc...

6.1CVSS6.3AI score0.00105EPSS