Page 4 of 51 results (0.003 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors. Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en la interfaz de usuario de Cloudera Manager versiones anteriores a 5.4.3, permiten a usuarios autenticados remotos inyectar script web o HTML arbitrario utilizando vectores no especificados. • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_c1c_zbn_js • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles. Existe información confidencial en Paquetes de Soporte de Diagnóstico de Cloudera Manager versiones anteriores a 5.4.6. • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_alalsdfkl4320_lfsk30f__l2k3jfsw34__39 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used. En Cloudera Hue, un usuario de solo lectura puede escalar privilegios cuando se utiliza CDH versiones 5.x anteriores a 5.4.9. • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_gd2_r25_2v • CWE-269: Improper Privilege Management •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls. Cloudera CDH versiones anteriores a 5.6.1, permite la omisión de autorización por medio de llamadas de la API internas y directas. • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#tsb_120 • CWE-863: Incorrect Authorization •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

Cloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files. Cloudera Manager versiones 5.x anteriores a 5.7.1, ubica Datos Confidenciales en Archivos Legibles de texto sin cifrar. • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#tsb_134 • CWE-312: Cleartext Storage of Sensitive Information •