Cloudera CDH 5.0.0

CPE Details

Cloudera CDH 5.0.0
cloudera
cdh
5.0.0
2019-12-12
13h44 +00:00
2019-12-12
13h44 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:cloudera:cdh:5.0.0:-:*:*:*:*:*:*

Informations

Vendor

cloudera

Product

cdh

Version

5.0.0

Update

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2018-17860 2019-11-26 13h11 +00:00 Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1.
7.2
Haute
CVE-2015-7831 2019-11-26 12h58 +00:00 In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used.
8.8
Haute
CVE-2016-3131 2019-11-26 12h57 +00:00 Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls.
6.5
Moyen
CVE-2016-5724 2019-11-26 12h49 +00:00 Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles.
7.5
Haute
CVE-2016-6353 2019-11-26 12h48 +00:00 Cloudera Search in CDH before 5.7.0 allows unauthorized document access because Solr Queries by document id can bypass Sentry document-level security via the RealTimeGetHandler.
6.5
Moyen
CVE-2017-9325 2019-07-03 14h23 +00:00 The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs.
7.5
Haute
CVE-2014-0229 2017-03-23 19h00 +00:00 Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2, do not check authorization for the (1) refreshNamenodes, (2) deleteBlockPool, and (3) shutdownDatanode HDFS admin commands, which allows remote authenticated users to cause a denial of service (DataNodes shutdown) or perform unnecessary operations by issuing a command.
6.5
Moyen