51 results (0.005 seconds)

CVSS: 6.5EPSS: 0%CPEs: 15EXPL: 0

IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules using a CREATE TABLE SELECT statement. IBM X-Force ID: 220480. IBM Big SQL en IBM Cloud Pak for Data versiones 7.1.0, 7.1.1, 7.2.0 y 7.2.3, podría permitir a un usuario autenticado con los permisos adecuados obtener información confidencial al omitir las reglas de enmascaramiento de datos mediante una sentencia CREATE TABLE SELECT. IBM X-Force ID: 220480 • https://exchange.xforce.ibmcloud.com/vulnerabilities/220480 https://www.ibm.com/support/pages/node/6563021 •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view the restricted Dashboard. Cloudera Manager versión 7.2.4, presenta un Control de Acceso Incorrecto, permitiendo una Escalada de Privilegios para visualizar el Dashboard restringido • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#cloudera_manager https://my.cloudera.com/knowledge/TSB-2021-491-Authorization-Bypass-in-Cloudera-Manager?id=314482 •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges. Cloudera Manager versión 7.2.4, presenta un Control de Acceso Incorrecto, permitiendo una Escalada de Privilegios • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html https://my.cloudera.com/knowledge/TSB-2021-491-Authorization-Bypass-in-Cloudera-Manager?id=314482 •

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS. Cloudera Manager versiones 5.x, 6.x, 7.1.x, 7.2.x y 7.3.x, permiten un ataque de tipo XSS • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html https://my.cloudera.com/knowledge/TSB-2021-488-Cloudera-Manager-is-vulnerable-to-Cross-Site?id=322833 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter. Cloudera Manager versiones 5.x, 6.x, 7.1.x, 7.2.x y 7.3.x, permiten un ataque de tipo XSS por medio del parámetro path • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#cloudera_manager https://my.cloudera.com/knowledge/TSB-2021-488-Cloudera-Manager-is-vulnerable-to-Cross-Site?id=322833 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •