PT-2019-8779 · Cloudera · Cloudera Data Science Workbench

Published

2019-07-03

·

Updated

2020-08-24

·

CVE-2018-11215

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Cloudera Data Science Workbench versions prior to 1.3.0
Description Remote code execution is possible via unspecified attack vectors.
Recommendations For versions prior to 1.3.0, update to version 1.3.0 or later to resolve the issue.

Fix

OS Command Injection

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-78CWE-200

Related Identifiers

CVE-2018-11215

Affected Products

Cloudera Data Science Workbench