Cloudera CDH 5.2.6

CPE Details

Cloudera CDH 5.2.6
cloudera
cdh
5.2.6
2017-04-14
14h35 +00:00
2017-04-14
14h35 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cloudera:cdh:5.2.6:*:*:*:*:*:*:*

Informations

Vendor

cloudera

Product

cdh

Version

5.2.6

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2018-17860 2019-11-26 13h11 +00:00 Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1.
7.2
High
CVE-2015-7831 2019-11-26 12h58 +00:00 In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used.
8.8
High
CVE-2016-3131 2019-11-26 12h57 +00:00 Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls.
6.5
Medium
CVE-2016-5724 2019-11-26 12h49 +00:00 Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles.
7.5
High
CVE-2016-6353 2019-11-26 12h48 +00:00 Cloudera Search in CDH before 5.7.0 allows unauthorized document access because Solr Queries by document id can bypass Sentry document-level security via the RealTimeGetHandler.
6.5
Medium
CVE-2017-9325 2019-07-03 14h23 +00:00 The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs.
7.5
High
CVE-2016-6605 2017-04-10 12h00 +00:00 Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization.
7.5
High