PT-2019-9156 · Cloudera · Cloudera Data Science Workbench

Publicado

2019-06-21

·

Atualizado

2019-06-21

·

CVE-2018-15665

CVSS v3.1

5.3

Média

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Cloudera Data Science Workbench versions 1.2.x through 1.4.0
Description An issue in Cloudera Data Science Workbench allows unauthenticated users to obtain a list of user accounts.
Recommendations For versions 1.2.x through 1.4.0, update to a version that contains a fix for this issue to prevent unauthenticated users from accessing user account information.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2018-15665

Produtos afetados

Cloudera Data Science Workbench