CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-32483
https://notcve.org/view.php?id=CVE-2021-32483
08 Nov 2021 — Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view the restricted Dashboard. Cloudera Manager versión 7.2.4, presenta un Control de Acceso Incorrecto, permitiendo una Escalada de Privilegios para visualizar el Dashboard restringido • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#cloudera_manager •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30132
https://notcve.org/view.php?id=CVE-2021-30132
08 Nov 2021 — Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges. Cloudera Manager versión 7.2.4, presenta un Control de Acceso Incorrecto, permitiendo una Escalada de Privilegios • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2021-29243
https://notcve.org/view.php?id=CVE-2021-29243
08 Nov 2021 — Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS. Cloudera Manager versiones 5.x, 6.x, 7.1.x, 7.2.x y 7.3.x, permiten un ataque de tipo XSS • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2021-32482
https://notcve.org/view.php?id=CVE-2021-32482
08 Nov 2021 — Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter. Cloudera Manager versiones 5.x, 6.x, 7.1.x, 7.2.x y 7.3.x, permiten un ataque de tipo XSS por medio del parámetro path • https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#cloudera_manager • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •