9 results (0.008 seconds)

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS. Cloudera Manager versiones 5.x, 6.x, 7.1.x, 7.2.x y 7.3.x, permiten un ataque de tipo XSS • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html https://my.cloudera.com/knowledge/TSB-2021-488-Cloudera-Manager-is-vulnerable-to-Cross-Site?id=322833 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter. Cloudera Manager versiones 5.x, 6.x, 7.1.x, 7.2.x y 7.3.x, permiten un ataque de tipo XSS por medio del parámetro path • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#cloudera_manager https://my.cloudera.com/knowledge/TSB-2021-488-Cloudera-Manager-is-vulnerable-to-Cross-Site?id=322833 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1. Malicious impala queries can result in Cross Site Scripting (XSS) when viewed within this product. Se detectó un problema en Cloudera Manager versiones 5.x anteriores a 5.16.2, versiones 6.0.x anteriores a 6.0.2 y versiones 6.1.x anteriores a 6.1.1. Las consultas impala maliciosas pueden resultar en un ataque de tipo Cross Site Scripting (XSS) cuando se visualizan dentro de este producto. • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_sky_fq1_cjb • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0

Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users. Cloudera Manager versiones 5.8.x anteriores a 5.8.5, versiones 5.9.x anteriores a 5.9.2 y versiones 5.10.x anteriores a 5.10.1, permite a un usuario de solo lectura de Cloudera Manager descubrir los nombres de usuario de otros usuarios y elevar los privilegios de esos usuarios. • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_tvf_34r_1cb • CWE-269: Improper Privilege Management •

CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0

Cloudera Manager through 5.15 has Incorrect Access Control. Cloudera Manager hasta la versión 5.15, presenta un Control de Acceso Incorrecto. • https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#cloudera_manager • CWE-284: Improper Access Control •