PT-2019-8769 · Cloudera · Cloudera Manager

Publicado

2019-05-24

Atualizado

2019-05-28

CVE-2018-10815

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Cloudera Manager versions prior to 5.13.4 Cloudera Manager versions 5.14.x prior to 5.14.4 Cloudera Manager versions 5.15.x prior to 5.15.1

Description A security issue allows a read-only user to access sensitive cluster information.

Recommendations For Cloudera Manager versions prior to 5.13.4, update to version 5.13.4 or later. For Cloudera Manager versions 5.14.x prior to 5.14.4, update to version 5.14.4 or later. For Cloudera Manager versions 5.15.x prior to 5.15.1, update to version 5.15.1 or later.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2018-10815

Produtos afetados

Cloudera Manager

PT-2019-8769 · Cloudera · Cloudera Manager

CVE-2018-10815

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4