PT-2019-9528 · Cloudera · Cloudera Cdh
Publicado
2019-11-26
·
Atualizado
2019-12-12
·
CVE-2018-17860
CVSS v3.1
7.2
Alta
| Vetor | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Cloudera CDH versions 5.x through 5.15.1
Cloudera CDH versions 6.x through 6.0.1
Description
The issue is related to Insecure Permissions in Cloudera CDH, where ALL cannot be revoked.
Recommendations
For versions 5.x through 5.15.1, update to a version that includes the fix for this issue.
For versions 6.x through 6.0.1, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting access to sensitive resources to minimize the risk of exploitation.
Correção
Incorrect Default Permissions
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cloudera Cdh