CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2018-17860
https://notcve.org/view.php?id=CVE-2018-17860
Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1. Cloudera CDH posee Permisos No Seguros porque TODOS no se pueden revocar, lo que afecta a versiones 5.x hasta 5.15.1 y versiones 6.x hasta 6.0.1. • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_vp4_q2x_thb https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#hadoop • CWE-276: Incorrect Default Permissions •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2016-4572
https://notcve.org/view.php?id=CVE-2016-4572
In Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges. En Cloudera CDH versiones anteriores a 5.7.1, los comandos Impala REVOKE ALL ON SERVER no revocan todos los privilegios. • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#id_nd4_xkr_1cb • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5724
https://notcve.org/view.php?id=CVE-2016-5724
Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles. Cloudera CDH versiones anteriores a 5.9, presenta Información Potencialmente Confidencial en Paquetes de Soporte de Diagnóstico. • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#tsb-166 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-9325
https://notcve.org/view.php?id=CVE-2017-9325
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs. La configuración de ejemplo de solrconfig.xml segura provista no impone la autorización de Sentry en / update / json / docs. • https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html • CWE-285: Improper Authorization •
CVSS: 7.5EPSS: 0%CPEs: 43EXPL: 0CVE-2016-6605
https://notcve.org/view.php?id=CVE-2016-6605
Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization. Impala en CDH desde 5.2.0 hasta la versión 5.7.2 y 5.8.0 permite a atacantes remotos eludir la autorización de Setry. • https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_all_product_issues.html#tsb_174 • CWE-284: Improper Access Control •