Skip to main content

Cdh

4 CVEs product

Monthly

CVE-2019-7319 HIGH This Week

An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cdh
NVD
CVSS 3.1
8.3
EPSS
1.0%
CVE-2016-6605 HIGH This Week

Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cdh
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2014-0229 Maven MEDIUM PATCH This Month

Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2, do not check authorization for the (1) refreshNamenodes, (2) deleteBlockPool, and (3). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Apache Privilege Escalation Cdh Hadoop
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2013-6446 LOW Monitor

The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Cdh
NVD
CVSS 3.0
3.1
EPSS
0.2%
EPSS 1% CVSS 8.3
HIGH This Week

An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cdh
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cdh
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2, do not check authorization for the (1) refreshNamenodes, (2) deleteBlockPool, and (3). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Apache Privilege Escalation +2
NVD
EPSS 0% CVSS 3.1
LOW Monitor

The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Cdh
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy