Skip to main content

Data Engineering

2 CVEs product

Monthly

CVE-2021-3167 MEDIUM This Month

In Cloudera Data Engineering (CDE) 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Data Engineering
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2020-26936 HIGH This Week

Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Data Engineering
NVD
CVSS 3.1
8.8
EPSS
0.4%
EPSS 1% CVSS 6.5
MEDIUM This Month

In Cloudera Data Engineering (CDE) 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Data Engineering
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Data Engineering
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy