Cloudera CDH 5.0.0

CPE Details

Cloudera CDH 5.0.0
cloudera
cdh
5.0.0
2019-12-12
13h44 +00:00
2019-12-12
13h44 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cloudera:cdh:5.0.0:-:*:*:*:*:*:*

Informations

Vendor

cloudera

Product

cdh

Version

5.0.0

Update

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2018-17860 2019-11-26 13h11 +00:00 Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1.
7.2
High
CVE-2015-7831 2019-11-26 12h58 +00:00 In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used.
8.8
High
CVE-2016-3131 2019-11-26 12h57 +00:00 Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls.
6.5
Medium
CVE-2016-5724 2019-11-26 12h49 +00:00 Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles.
7.5
High
CVE-2016-6353 2019-11-26 12h48 +00:00 Cloudera Search in CDH before 5.7.0 allows unauthorized document access because Solr Queries by document id can bypass Sentry document-level security via the RealTimeGetHandler.
6.5
Medium
CVE-2017-9325 2019-07-03 14h23 +00:00 The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs.
7.5
High
CVE-2014-0229 2017-03-23 19h00 +00:00 Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2, do not check authorization for the (1) refreshNamenodes, (2) deleteBlockPool, and (3) shutdownDatanode HDFS admin commands, which allows remote authenticated users to cause a denial of service (DataNodes shutdown) or perform unnecessary operations by issuing a command.
6.5
Medium