Cloudera · Cloudera Data Science Workbench · CVE-2018-20090
**Name of the Vulnerable Software and Affected Versions**
Cloudera Data Science Workbench versions 1.4.0 through 1.4.2
**Description**
An issue allows authenticated users to bypass project permission checks, resulting in read-write access to any project folder.
**Recommendations**
For Cloudera Data Science Workbench versions 1.4.0 through 1.4.2, update to a version that contains a fix for this issue to prevent unauthorized access to project folders.