CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2019-7319
https://notcve.org/view.php?id=CVE-2019-7319
An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges. Se detectó un problema en Cloudera Hue versiones 6.0.0 hasta 6.1.0. Cuando se usa uno de los siguientes backends de autenticación: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend u OAuthBackend, los usuarios externos son creados con privilegios de superusuario. • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_o2p_hjm_33b https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#hue • CWE-269: Improper Privilege Management •