📦

cloudera_manager

Vendor: cloudera

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 0 Code Available
Total RCEs 0 Remote Access
Total CVEs 59 Total Indexed
Avg. EPSS 0.27% Exploit Prob.
Latest CVE CVE-2021-32483 Nov 08

Security Vulnerability Index

Page 1 / 6
5.3 CVSS
CVE-2021-32483

Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view the restricted Dashboard.

EPSS: 0.21%
9.8 CVSS
CVE-2021-30132

Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.

EPSS: 0.53%
6.1 CVSS
CVE-2021-32482

Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter.

EPSS: 0.27%
6.1 CVSS
CVE-2021-29243

Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS.

EPSS: 0.27%
5.4 CVSS
CVE-2019-14449

An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1. Malicious impala queries can result in Cross Site Scripting (XSS) when viewed within this product.

EPSS: 0.29%
8.8 CVSS
CVE-2017-7399

Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users.

EPSS: 0.32%
5.4 CVSS
CVE-2016-9271

Cloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the help search feature.

EPSS: 0.29%
5.4 CVSS
CVE-2015-4457

Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors.

EPSS: 0.19%
6.5 CVSS
CVE-2016-3192

Cloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files.

EPSS: 0.19%
7.5 CVSS
CVE-2015-6495

There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles.

EPSS: 0.40%